A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x before 4.0.4-p2. This vulnerability might expose Rubrik user credentials configured to access vCenter as Rubrik clusters did not verify TLS certificates presented by vCenter.
References
Link | Resource |
---|---|
https://gist.github.com/srau/0ed7747953b3571247a6c485f91619ff | Third Party Advisory |
https://support.rubrik.com/articles/How_To/000001135 | Permissions Required |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-01-22T17:00:00
Updated: 2018-01-22T16:57:02
Reserved: 2018-01-17T00:00:00
Link: CVE-2018-5761
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-01-22T17:29:00.223
Modified: 2018-02-15T18:26:08.380
Link: CVE-2018-5761
JSON object: View
Redhat Information
No data.
CWE