CVE-2018-5761

HIGH

Rubrik CDM <4.0.4-p2 - Info Disclosure

Title source: llm
STIX 2.1

Description

A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x before 4.0.4-p2. This vulnerability might expose Rubrik user credentials configured to access vCenter as Rubrik clusters did not verify TLS certificates presented by vCenter.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_confirm
https://gist.github.com/srau/0ed7747953b3571247a6c485f91619ff
Permissions Required x_refsource_confirm
https://support.rubrik.com/articles/How_To/000001135

Scores

CVSS v3 8.1
EPSS 0.0054
EPSS Percentile 41.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-295
Status published
Products (2)
rubrik/cdm 4.0.4 p1
rubrik/cdm < 3.0.0
Published Jan 22, 2018
Tracked Since Feb 18, 2026