CVE-2017-4917 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 23%

Affected Products (NVD)

Vendor	Product	Version
vmware	vsphere_data_protection	5.5.5
vmware	vsphere_data_protection	5.5.6
vmware	vsphere_data_protection	5.5.7
vmware	vsphere_data_protection	5.5.8
vmware	vsphere_data_protection	5.5.9
vmware	vsphere_data_protection	5.5.10
vmware	vsphere_data_protection	5.5.11
vmware	vsphere_data_protection	5.8.0
vmware	vsphere_data_protection	5.8.1
vmware	vsphere_data_protection	5.8.2
vmware	vsphere_data_protection	5.8.3
vmware	vsphere_data_protection	5.8.4
vmware	vsphere_data_protection	6.0.0
vmware	vsphere_data_protection	6.0.1
vmware	vsphere_data_protection	6.0.2
vmware	vsphere_data_protection	6.0.3
vmware	vsphere_data_protection	6.0.4
vmware	vsphere_data_protection	6.1.0
vmware	vsphere_data_protection	6.1.1
vmware	vsphere_data_protection	6.1.2
vmware	vsphere_data_protection	6.1.3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

References

http://www.securityfocus.com/bid/98936

http://www.securitytracker.com/id/1038617

http://www.vmware.com/security/advisories/VMSA-2017-0010.html

http://www.securityfocus.com/bid/98936

http://www.securitytracker.com/id/1038617

http://www.vmware.com/security/advisories/VMSA-2017-0010.html