VMware Security Advisory 2018-0029

Posted Nov 20, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0029 - vSphere Data Protection (VDP) updates address multiple security issues.

tags | advisory
advisories | CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077
MD5 | a13b05da406af20fd576764026e2c0d7

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2018-0029
Severity:    Critical
Synopsis:    vSphere Data Protection (VDP) updates address multiple
             security issues.
Issue date:  2018-11-20
Updated on:  2018-11-20 (Initial Advisory)
CVE number:  CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077

1. Summary

vSphere Data Protection (VDP) updates address multiple security issues.

2. Relevant Products

vSphere Data Protection (VDP). VDP is based on Dell EMC Avamar Virtual
Edition.

3. Problem Description

a. Remote code execution vulnerability.

VDP contains a remote code execution vulnerability. A remote
unauthenticated attacker could potentially exploit this vulnerability to
execute arbitrary commands on the server.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2018-11066 to this issue.

Column 5 of the following table lists the action required to remediate
the vulnerability in each release, if a solution is available.

VMware   Product  Running             Replace with/  Mitigation/
Product  Version  on       Severity   Apply Patch    Workaround
=======  =======  =======  =========  =============  ===========
VDP      6.1.x    VA       Critical   6.1.10         None
VDP      6.0.x    VA       Critical   6.0.9          None


b. Open redirection vulnerability.

VDP contains an open redirection vulnerability. A remote unauthenticated
attacker could potentially exploit this vulnerability to redirect
application users to arbitrary web URLs by tricking the victim users into
clicking maliciously crafted links. The vulnerability could be used to
conduct phishing attacks that cause users to unknowingly visit malicious
sites.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2018-11067 to this issue.

Column 5 of the following table lists the action required to remediate
the vulnerability in each release, if a solution is available.

VMware   Product  Running             Replace with/  Mitigation/
Product  Version  on       Severity   Apply Patch    Workaround
=======  =======  =======  =========  =============  ===========
VDP      6.1.x    VA       Important  6.1.10         None
VDP      6.0.x    VA       Important  6.0.9          None

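The bug class behind 3b, shown as an added Python illustration that is not VDP code and makes no claim about how the VDP console actually handled redirects: a naive handler that forwards the user to whatever target the request supplied, beside a hardened check that accepts only an origin-relative path and falls back to a fixed default for everything else. The `next` parameter name, the `APP_HOST` value and the sample inputs are assumptions constructed for the demo.

```python
from urllib.parse import urljoin, urlsplit

# Assumption for the demo: the host the management console is served from.
APP_HOST = "vdp.example.internal"


def unsafe_redirect_target(next_param: str) -> str:
    """Vulnerable pattern: forward the user to whatever target the request
    supplied. A link such as /login?next=https://evil.example/ lands the
    user on the attacker's site after a successful login."""
    return next_param


def safe_redirect_target(next_param: str, default: str = "/") -> str:
    """Hardened pattern: accept only a path on this application.

    Rejects absolute URLs, protocol-relative URLs (//host), backslash
    variants (/\\host, which browsers normalise to //host), userinfo
    tricks (http://app@evil) and non-http schemes (javascript:).
    Anything rejected falls back to `default`.
    """
    if not next_param:
        return default
    # Browsers treat "\" like "/" in URLs, so normalise before parsing.
    candidate = next_param.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        return default  # absolute or protocol-relative URL
    if not candidate.startswith("/") or candidate.startswith("//"):
        return default  # must be a single-slash, origin-relative path
    # Resolve against our own origin and confirm the origin is unchanged.
    resolved = urlsplit(urljoin(f"https://{APP_HOST}/", candidate))
    if resolved.scheme != "https" or resolved.netloc != APP_HOST:
        return default
    return candidate


if __name__ == "__main__":
    # Constructed inputs for the demo, not captured VDP traffic.
    samples = [
        "/vdp/dashboard",
        "https://evil.example/",
        "//evil.example",
        "/\\evil.example",
        "javascript:alert(1)",
        "http://app@evil.example",
    ]
    for target in samples:
        print(f"{target!r:28} unsafe -> {unsafe_redirect_target(target)!r:28} "
              f"safe -> {safe_redirect_target(target)!r}")
```

The check deliberately avoids a hostname blocklist or a `startswith("http")` test: the protocol-relative and backslash forms bypass both, which is why the hardened version only ever accepts a path it can resolve back onto its own origin.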

c. Information exposure vulnerability.

VDP contains an information exposure vulnerability. VDP Java management
console's SSL/TLS private key may be leaked in the VDP Java management
client package. The private key could potentially be used by an
unauthenticated attacker on the same data-link layer to initiate a MITM
attack on management console users.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2018-11076 to this issue.

Column 5 of the following table lists the action required to remediate
the vulnerability in each release, if a solution is available.

VMware   Product  Running             Replace with/  Mitigation/
Product  Version  on       Severity   Apply Patch    Workaround
=======  =======  =======  =========  =============  ===========
VDP      6.1.x    VA       Important  6.1.9          None
VDP      6.0.x    VA       Important  6.0.9          None

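A check for the failure mode in 3c, a server's TLS private key shipped inside a client-side package, as an added Python example that is not VMware or Dell EMC tooling: it walks a zip/jar archive and reports every entry whose bytes contain a PEM private-key block, plus entries whose file name suggests key material (keystores such as .jks or .p12 cannot be byte-scanned the same way). The archive built in `build_sample_package` is constructed in memory for the demo; the entry names are invented and the "key" is a placeholder envelope, not real key material.

```python
import io
import re
import zipfile
from typing import List, Tuple

# PEM private-key block headers (PKCS#1, PKCS#8, EC, OpenSSH, encrypted PKCS#8).
PEM_KEY_RE = re.compile(
    rb"-----BEGIN (?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY-----"
)
# Names that usually hold key material. Binary keystores (.p12/.pfx/.jks)
# carry no PEM header, so they are reported by name for manual review.
KEY_NAME_RE = re.compile(r"\.(pem|key|p12|pfx|jks|keystore)$", re.IGNORECASE)


def find_private_keys(archive_bytes: bytes) -> List[Tuple[str, str]]:
    """Return (entry name, reason) for every suspicious entry in a zip/jar.

    Reason is 'pem-private-key' when a PEM private-key header is found in
    the entry's bytes, or 'key-like-name' when only the file name matches.
    A PEM hit takes precedence over a name match. Public certificates
    (BEGIN CERTIFICATE) are not reported.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info.filename)
            if PEM_KEY_RE.search(data):
                findings.append((info.filename, "pem-private-key"))
            elif KEY_NAME_RE.search(info.filename):
                findings.append((info.filename, "key-like-name"))
    return findings


def build_sample_package() -> bytes:
    """Constructed client package for the demo. The entry names are
    invented and the 'key' is a placeholder PEM envelope with junk body."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("console/ui.class", b"\xca\xfe\xba\xbe" + b"\x00" * 16)
        # A public certificate belongs in a client package and must not trip the scan.
        zf.writestr("console/server.crt",
                    "-----BEGIN CERTIFICATE-----\nMIIBplaceholder\n"
                    "-----END CERTIFICATE-----\n")
        # The server's private key does not belong here.
        zf.writestr("console/config/server.pem",
                    "-----BEGIN RSA PRIVATE KEY-----\nNOTAREALKEY\n"
                    "-----END RSA PRIVATE KEY-----\n")
        # Java keystore magic bytes, no PEM header: reported by name only.
        zf.writestr("console/config/client.jks", b"\xfe\xed\xfe\xed" + b"\x00" * 8)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in find_private_keys(build_sample_package()):
        print(f"{reason:16} {name}")
```

Run this against every client-side artifact a build produces (installers, jars, browser bundles) before release; a hit on a PEM block is a finding on its own, while a name-only hit needs a look at whether the keystore holds a private entry or only trusted certificates.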

d. Command injection vulnerability.

The 'getlogs' troubleshooting utility in VDP contains an OS command
injection vulnerability. A malicious admin user may potentially be able
to execute arbitrary commands under root privilege.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2018-11077 to this issue.

Column 5 of the following table lists the action required to remediate
the vulnerability in each release, if a solution is available.

VMware   Product  Running             Replace with/  Mitigation/
Product  Version  on       Severity   Apply Patch    Workaround
=======  =======  =======  =========  =============  ===========
VDP      6.1.x    VA       Moderate   6.1.10         None
VDP      6.0.x    VA       Moderate   6.0.9          None

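The bug class described in 3d, an OS command assembled from an operator-supplied value, as an added Python illustration that is not VDP's getlogs code and does not reproduce the actual vulnerability: the vulnerable form splices the value into a string destined for a shell, the hardened form validates it against a strict allowlist and passes it as a single argv element so no shell ever parses it. The component-name parameter, `LOG_ROOT` and the tar invocation are assumptions for the demo; `commands_in` tokenises a command line the way a POSIX shell would, to make the extra command visible.

```python
import re
import shlex
import subprocess
from typing import List

# Assumptions for the demo: a troubleshooting tool that bundles the logs of
# one named component below a fixed directory. Not VDP's real layout.
LOG_ROOT = "/var/log/vdp"
COMPONENT_RE = re.compile(r"[A-Za-z0-9_-]{1,32}")


def unsafe_getlogs_command(component: str) -> str:
    """Vulnerable pattern: splice the operator-supplied value into a string
    that is handed to /bin/sh. With component = 'mcs; id' the shell also
    runs 'id', as root if the tool runs as root. Shown only to illustrate
    the bug class."""
    return f"tar czf /tmp/getlogs.tgz {LOG_ROOT}/{component}"


def is_valid_component(component: str) -> bool:
    """Strict allowlist: letters, digits, '_' and '-' only, so shell
    metacharacters and path traversal ('../') never reach the command."""
    return COMPONENT_RE.fullmatch(component) is not None


def safe_getlogs_argv(component: str) -> List[str]:
    """Hardened pattern: validate, then build argv with no shell involved.
    The value becomes one argv element; ';', '|' or '$(...)' inside it
    would be ordinary characters in a path, not syntax."""
    if not is_valid_component(component):
        raise ValueError(f"invalid component name: {component!r}")
    return ["tar", "czf", "/tmp/getlogs.tgz", f"{LOG_ROOT}/{component}"]


def run_getlogs(component: str) -> subprocess.CompletedProcess:
    """Execute the hardened form. shell=False (the default) means the argv
    list goes to execve directly and is never re-parsed by a shell."""
    return subprocess.run(safe_getlogs_argv(component), check=False,
                          capture_output=True)


def commands_in(cmdline: str) -> List[List[str]]:
    """Tokenise a command line the way a POSIX shell would and split it on
    ';' to show how many separate commands the unsafe form really runs."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    commands, current = [], []
    for token in lexer:
        if token == ";":
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands


if __name__ == "__main__":
    for name in ["mcs", "mcs; id"]:
        print(f"input {name!r}:")
        print("  unsafe runs", commands_in(unsafe_getlogs_command(name)))
        if is_valid_component(name):
            print("  safe argv  ", safe_getlogs_argv(name))
        else:
            print("  safe       rejected")
```

Quoting the value (shlex.quote) would also stop the injection, but the allowlist plus argv approach is the one to prefer in a tool that runs as root: it removes the shell from the execution path entirely rather than trying to out-escape it.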

4. Solution

Please review the patch/release notes for your product and version and
verify the checksum of your downloaded file.

vSphere Data Protection 6.1.10
Downloads and Documentation:
https://my.vmware.com/group/vmware/details?productId=491&downloadGroup=VDP6110
https://www.vmware.com/support/pubs/vdr_pubs.html

vSphere Data Protection 6.0.9
Downloads and Documentation:
https://my.vmware.com/web/vmware/details?productId=491&downloadGroup=VDP60_9
https://www.vmware.com/support/pubs/vdr_pubs.html

5. References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11076
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11077

- - -------------------------------------------------------------------------

6. Change log

2018-11-20 VMSA-2018-0029
Initial security advisory in conjunction with the release of VMware
vSphere Data Protection 6.1.10 on 2018-11-20

- - -------------------------------------------------------------------------

7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org

E-mail: security at vmware.com
PGP key at: https://kb.vmware.com/kb/1055

VMware Security Advisories
https://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2018 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFb9EH6DEcm8Vbi9kMRAm01AJ95gjr0/RR7uEkqUOpgt0tJadv8LgCfVk78
uNuYj2zthluNsnPjltdQNTQ=
=UYUq
-----END PGP SIGNATURE-----
