Vulnerability CVE-2020-3952 revolves around the vmdir that ships with VMWare vCenter Server as it does not properly implement access controls. To exploit the vulnerability, a cyber actor must have network access to an affected vmdir deployment – they would then have the ability to extract highly sensitive data which could be used to compromise vCenter Server or other services dependent on vmdir for authentication.
VMware vCenter Server Security Vulnerability (CVE-2020-3952)
About
More Information
We recommend checking this VMware advisory to see if a vmdir deployment is affected by CVE-2020-3952.
https://kb.vmware.com/s/article/78543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3952
Fix
VMware has released patch 6.7u3f that fixes this vulnerability. VMware vCenter Server V7.0 and v6.5 are unaffected.
DATE PUBLISHEDApril 16, 2020
AUTHORBlackpoint Cyber
SHARE ON
Subscribe to the Blackpoint Blog
Don’t let a lack of awareness leave the organizations you protect vulnerable to sophisticated and elusive attacks. Subscribe now for a weekly roundup of Blackpoint’s empowering articles.
Subscribe now!