A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform version 5.x and 6.x prior to 6.1.1c. Cohesity clusters did not verify TLS certificates presented by vCenter. This vulnerability could expose Cohesity user credentials configured to access vCenter.
References
Link | Resource |
---|---|
https://github.com/cohesity/SecAdvisory/blob/master/README.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-07-12T19:04:51
Updated: 2019-07-12T19:04:51
Reserved: 2019-04-15T00:00:00
Link: CVE-2019-11242
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-12T20:15:10.987
Modified: 2019-07-17T18:39:34.930
Link: CVE-2019-11242
JSON object: View
Redhat Information
No data.
CWE