VMware notified us that they released a new security bulletin (rated as "critical") which affects vSphere Data Protection (VDP).
VDP is vulnerable because it is based on Dell EMC Avamar Virtual Edition. Multiple vulnerabilities have been disclosed today in this solution:
Patches are available for both products.
This is a perfect example of how a product 'A' can affect a product 'B' when technologies are reused across multiple solutions.
Xavier Mertens (@xme)
Nov 20th 2018
3 months ago