VMware removes hard-coded root access key from vSphere Data Protection

Click here to visit Original posting

VMware has released a hotfix for vSphere Data Protection (VDP) to change a hard-coded SSH key that could allow remote attackers to gain root access to the virtual appliance.

VDP is a disk-based backup and recovery product that runs as an open virtual appliance (OVA). It integrates with the VMware vCenter Server and provides centralized management of backup jobs for up to 100 virtual machines.

According to a VMware support article, the vSphere Data Protection (VDP) appliance contains a static SSH private key with a known password. This key allows interoperability with EMC Avamar, a deduplication backup and recovery software solution, and is pre-configured on the VDP as an AuthorizedKey.

To read this article in full or to leave a comment, please click here

VMware removes hard-coded root access key from vSphere Data Protection

Quordle today – hints and answers for Friday, April 19 (game #816)

NYT Strands today — hints, answers and spangram for Friday, April 19 (game #47)

Galaxy users claim they’re running into infamous green line problem after update

NVIDIA Instant NeRFs need just a few images to make 3D scenes