Computer Security
[EN] securityvulns.ru no-pyccku


EMC Avamar certificate protection bypass
Published:02.02.2015
Source:
SecurityVulns ID:14239
Type:m-i-t-m
Threat Level:
5/10
Description:Insufficient certificate validation.
Affected:EMC : Avamar 7.0
CVE:CVE-2014-4632 (VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 does not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certificate.)
Original documentdocumentEMC, ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability (02.02.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod