VMware vSphere Data Protection CVE-2018-11067 Open Redirection Vulnerability
BID:105969
CVE-2018-11067 |Info
VMware vSphere Data Protection CVE-2018-11067 Open Redirection Vulnerability
| Bugtraq ID: | 105969 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-11067 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 20 2018 12:00AM |
| Updated: | Nov 20 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
VMWare vSphere Data Protection 6.1.6 VMWare vSphere Data Protection 6.1.5 VMWare vSphere Data Protection 6.1.4 VMWare vSphere Data Protection 6.1 VMWare vSphere Data Protection 6.0.7 VMWare vSphere Data Protection 6.0.6 VMWare vSphere Data Protection 6.0.5 VMWare vSphere Data Protection 6.0 |
| Not Vulnerable: |
VMWare vSphere Data Protection 6.1.10 VMWare vSphere Data Protection 6.0.9 |
Discussion
VMware vSphere Data Protection CVE-2018-11067 Open Redirection Vulnerability
SAP NetWeaver is prone to open-redirection vulnerability
An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
SAP NetWeaver is prone to open-redirection vulnerability
An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
Solution / Fix
VMware vSphere Data Protection CVE-2018-11067 Open Redirection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.