A vulnerability in VMware vSphere Data Protection (VDP) (VMSA-2018-0001) could allow an unauthenticated, remote attacker to bypass authentication on a targeted system.
The vulnerability is due to an undisclosed condition that could allow authentication bypass. An attacker could exploit this vulnerability to bypass authentication and gain root access to a targeted system. Successful exploitation could result in a complete system compromise.
VMware has confirmed the vulnerability and released software updates.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.