Unrated severityNVD Advisory· Published Feb 1, 2015· Updated Jun 17, 2026
CVE-2014-4632
CVE-2014-4632
Description
VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certificate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:vmware:vsphere_data_protection:5.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:vmware:vsphere_data_protection:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vsphere_data_protection:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vsphere_data_protection:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vsphere_data_protection:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vsphere_data_protection:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vsphere_data_protection:5.8.0:*:*:*:*:*:*:*
- (no CPE)range: >=5.1 <5.5.9 >=5.8 <5.8.1
- Range: >=6.x <=7.0.x
- Range: >=6.x <=7.0.x
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.