About

Vulnerability CVE-2020-3952 revolves around the vmdir that ships with VMWare vCenter Server as it does not properly implement access controls. To exploit the vulnerability, a cyber actor must have network access to an affected vmdir deployment – they would then have the ability to extract highly sensitive data which could be used to compromise vCenter Server or other services dependent on vmdir for authentication.

More Information

We recommend checking this VMware advisory to see if a vmdir deployment is affected by CVE-2020-3952.

https://kb.vmware.com/s/article/78543

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3952

Fix

VMware has released patch 6.7u3f that fixes this vulnerability. VMware vCenter Server V7.0 and v6.5 are unaffected.

Want something new to listen to?

Check out our podcast, The Unfair Fight, where you can hear industry insights from Blackpoint Cyber leadership and our special guests firsthand.