Security Update:Critical Information Disclosure Vulnerability in VMware vSphere Data Protection (VDP)
Date and Time
VMware vSphere Data Protection Users
VMware released a new security advisory VMSA-2014-0011 to address a critical information disclosure vulnerability in VMware vSphere Data Protection (VDP).
Advanced Users: For a complete description of the security enhancement and affected software refer to VMware Security Advisory VMSA-2014-011 at http://www.vmware.com/security/advisories/VMSA-2014-0011.html.
- VMware vSphere Data Protection 5.5 prior to 5.5.7
WHAT'S THE PROBLEM?
If exploited, this vulnerability may allow a remote user to retrieve sensitive account credentials from the affected VDP server.
HOW DO I PROTECT MY COMPUTER?
- If IT Field Services or you have other IT support, no action on your part is required.
- If you do not have IT support, updates may be obtained through VMware Security Advisory VMSA-2014-011 at http://www.vmware.com/security/advisories/VMSA-2014-0011.html.
- IT Security at http://it.ucsf.edu/security