VMware issued patches on Wednesday for a trio of critical vulnerabilities in its vSphere Data Protection disk-based backup and recovery solution. In all three cases, the problem was found in versions 6.1.x, 6.0.x, and 5.x, and repaired in versions 6.1.6 and 6.0.7.
The first corrected bug is an application authentication bypass vulnerability, designated CVE-2017-15548, that can be exploited by remote, unauthenticated attackers to gain root access to an affected system.
The second flaw, CVE-2017-15549, is an arbitrary file upload vulnerability, which remote, authenticated attackers with low privileges can exploit to introduce maliciously crafted files into any location on the server file system.
Finally, VMware also fixed CVE-2017-15550, a path traversal vulnerability that, according to the company’s official security advisory, can allow a remote authenticated malicious user with low privileges to “access arbitrary files on the server file system in the context of the running vulnerable application.”
VMware is a subsidiary of Dell Technologies.