Lucene search

[email protected]CVE-2020-3976

HistoryAug 21, 2020 - 1:15 p.m.

CVE-2020-3976

2020-08-2113:15:14

CWE-400

[email protected]

web.nvd.nist.gov

cve-2020-3976

vmware

esxi

vcenter server

denial of service

vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

Affected configurations

NVD

Node

vmwarecloud_foundationRange3.0–3.10

vmwarecloud_foundationRange4.0–4.0.1

vmwarevcenter_serverMatch6.5-

vmwarevcenter_serverMatch6.5a

vmwarevcenter_serverMatch6.5b

vmwarevcenter_serverMatch6.5c

vmwarevcenter_serverMatch6.5d

vmwarevcenter_serverMatch6.5e

vmwarevcenter_serverMatch6.5f

vmwarevcenter_serverMatch6.5update1

vmwarevcenter_serverMatch6.5update1b

vmwarevcenter_serverMatch6.5update1c

vmwarevcenter_serverMatch6.5update1d

vmwarevcenter_serverMatch6.5update1e

vmwarevcenter_serverMatch6.5update1g

vmwarevcenter_serverMatch6.5update2

vmwarevcenter_serverMatch6.5update2b

vmwarevcenter_serverMatch6.5update2c

vmwarevcenter_serverMatch6.5update2d

vmwarevcenter_serverMatch6.5update2g

vmwarevcenter_serverMatch6.5update3

vmwarevcenter_serverMatch6.5update3d

vmwarevcenter_serverMatch6.5update3f

vmwarevcenter_serverMatch6.7-

vmwarevcenter_serverMatch6.7a

vmwarevcenter_serverMatch6.7b

vmwarevcenter_serverMatch6.7d

vmwarevcenter_serverMatch6.7update1

vmwarevcenter_serverMatch6.7update1b

vmwarevcenter_serverMatch6.7update2

vmwarevcenter_serverMatch6.7update2a

vmwarevcenter_serverMatch6.7update2c

vmwarevcenter_serverMatch6.7update3

vmwarevcenter_serverMatch6.7update3a

vmwarevcenter_serverMatch6.7update3b

vmwarevcenter_serverMatch6.7update3f

vmwarevcenter_serverMatch6.7update3g

vmwarevcenter_serverMatch7.0-

vmwarevcenter_serverMatch7.0a

vmwareesxiMatch6.5-

vmwareesxiMatch6.5650-201701001

vmwareesxiMatch6.5650-201703001

vmwareesxiMatch6.5650-201703002

vmwareesxiMatch6.5650-201704001

vmwareesxiMatch6.5650-201707101

vmwareesxiMatch6.5650-201707102

vmwareesxiMatch6.5650-201707103

vmwareesxiMatch6.5650-201707201

vmwareesxiMatch6.5650-201707202

vmwareesxiMatch6.5650-201707203

vmwareesxiMatch6.5650-201707204

vmwareesxiMatch6.5650-201707205

vmwareesxiMatch6.5650-201707206

vmwareesxiMatch6.5650-201707207

vmwareesxiMatch6.5650-201707208

vmwareesxiMatch6.5650-201707209

vmwareesxiMatch6.5650-201707210

vmwareesxiMatch6.5650-201707211

vmwareesxiMatch6.5650-201707212

vmwareesxiMatch6.5650-201707213

vmwareesxiMatch6.5650-201707214

vmwareesxiMatch6.5650-201707215

vmwareesxiMatch6.5650-201707216

vmwareesxiMatch6.5650-201707217

vmwareesxiMatch6.5650-201707218

vmwareesxiMatch6.5650-201707219

vmwareesxiMatch6.5650-201707220

vmwareesxiMatch6.5650-201707221

vmwareesxiMatch6.5650-201710001

vmwareesxiMatch6.5650-201712001

vmwareesxiMatch6.5650-201803001

vmwareesxiMatch6.5650-201806001

vmwareesxiMatch6.5650-201808001

vmwareesxiMatch6.5650-201810001

vmwareesxiMatch6.5650-201810002

vmwareesxiMatch6.5650-201811001

vmwareesxiMatch6.5650-201811002

vmwareesxiMatch6.5650-201811301

vmwareesxiMatch6.5650-201901001

vmwareesxiMatch6.5650-201903001

vmwareesxiMatch6.5650-201905001

vmwareesxiMatch6.5650-201908001

vmwareesxiMatch6.5650-201910001

vmwareesxiMatch6.5650-20191004001

vmwareesxiMatch6.5650-201911001

vmwareesxiMatch6.5650-201911401

vmwareesxiMatch6.5650-201911402

vmwareesxiMatch6.5650-201912001

vmwareesxiMatch6.5650-201912002

vmwareesxiMatch6.5650-201912101

vmwareesxiMatch6.5650-201912102

vmwareesxiMatch6.5650-201912103

vmwareesxiMatch6.5650-201912104

vmwareesxiMatch6.5650-201912301

vmwareesxiMatch6.5650-201912401

vmwareesxiMatch6.5650-201912402

vmwareesxiMatch6.5650-201912403

vmwareesxiMatch6.5650-201912404

vmwareesxiMatch6.5650-202005001

vmwareesxiMatch6.5650-202006001

vmwareesxiMatch6.5650-202007001

vmwareesxiMatch6.7-

vmwareesxiMatch6.7670-201806001

vmwareesxiMatch6.7670-201807001

vmwareesxiMatch6.7670-201808001

vmwareesxiMatch6.7670-201810001

vmwareesxiMatch6.7670-201810101

vmwareesxiMatch6.7670-201810102

vmwareesxiMatch6.7670-201810103

vmwareesxiMatch6.7670-201810201

vmwareesxiMatch6.7670-201810202

vmwareesxiMatch6.7670-201810203

vmwareesxiMatch6.7670-201810204

vmwareesxiMatch6.7670-201810205

vmwareesxiMatch6.7670-201810206

vmwareesxiMatch6.7670-201810207

vmwareesxiMatch6.7670-201810208

vmwareesxiMatch6.7670-201810209

vmwareesxiMatch6.7670-201810210

vmwareesxiMatch6.7670-201810211

vmwareesxiMatch6.7670-201810212

vmwareesxiMatch6.7670-201810213

vmwareesxiMatch6.7670-201810214

vmwareesxiMatch6.7670-201810215

vmwareesxiMatch6.7670-201810216

vmwareesxiMatch6.7670-201810217

vmwareesxiMatch6.7670-201810218

vmwareesxiMatch6.7670-201810219

vmwareesxiMatch6.7670-201810220

vmwareesxiMatch6.7670-201810221

vmwareesxiMatch6.7670-201810222

vmwareesxiMatch6.7670-201810223

vmwareesxiMatch6.7670-201810224

vmwareesxiMatch6.7670-201810225

vmwareesxiMatch6.7670-201810226

vmwareesxiMatch6.7670-201810227

vmwareesxiMatch6.7670-201810228

vmwareesxiMatch6.7670-201810229

vmwareesxiMatch6.7670-201810230

vmwareesxiMatch6.7670-201810231

vmwareesxiMatch6.7670-201810232

vmwareesxiMatch6.7670-201810233

vmwareesxiMatch6.7670-201810234

vmwareesxiMatch6.7670-201811001

vmwareesxiMatch6.7670-201901001

vmwareesxiMatch6.7670-201901401

vmwareesxiMatch6.7670-201901402

vmwareesxiMatch6.7670-201901403

vmwareesxiMatch6.7670-201903001

vmwareesxiMatch6.7670-201904001

vmwareesxiMatch6.7670-201904201

vmwareesxiMatch6.7670-201904202

vmwareesxiMatch6.7670-201904203

vmwareesxiMatch6.7670-201904204

vmwareesxiMatch6.7670-201904205

vmwareesxiMatch6.7670-201904206

vmwareesxiMatch6.7670-201904207

vmwareesxiMatch6.7670-201904208

vmwareesxiMatch6.7670-201904209

vmwareesxiMatch6.7670-201904210

vmwareesxiMatch6.7670-201904211

vmwareesxiMatch6.7670-201904212

vmwareesxiMatch6.7670-201904213

vmwareesxiMatch6.7670-201904214

vmwareesxiMatch6.7670-201904215

vmwareesxiMatch6.7670-201904216

vmwareesxiMatch6.7670-201904217

vmwareesxiMatch6.7670-201904218

vmwareesxiMatch6.7670-201904219

vmwareesxiMatch6.7670-201904220

vmwareesxiMatch6.7670-201904221

vmwareesxiMatch6.7670-201904222

vmwareesxiMatch6.7670-201904223

vmwareesxiMatch6.7670-201904224

vmwareesxiMatch6.7670-201904225

vmwareesxiMatch6.7670-201904226

vmwareesxiMatch6.7670-201904227

vmwareesxiMatch6.7670-201904228

vmwareesxiMatch6.7670-201904229

vmwareesxiMatch6.7670-201905001

vmwareesxiMatch6.7670-201906002

vmwareesxiMatch6.7670-201908101

vmwareesxiMatch6.7670-201908102

vmwareesxiMatch6.7670-201908103

vmwareesxiMatch6.7670-201908104

vmwareesxiMatch6.7670-201908201

vmwareesxiMatch6.7670-201908202

vmwareesxiMatch6.7670-201908203

vmwareesxiMatch6.7670-201908204

vmwareesxiMatch6.7670-201908205

vmwareesxiMatch6.7670-201908206

vmwareesxiMatch6.7670-201908207

vmwareesxiMatch6.7670-201908208

vmwareesxiMatch6.7670-201908209

vmwareesxiMatch6.7670-201908210

vmwareesxiMatch6.7670-201908211

vmwareesxiMatch6.7670-201908212

vmwareesxiMatch6.7670-201908213

vmwareesxiMatch6.7670-201908214

vmwareesxiMatch6.7670-201908215

vmwareesxiMatch6.7670-201908216

vmwareesxiMatch6.7670-201908217

vmwareesxiMatch6.7670-201908218

vmwareesxiMatch6.7670-201908219

vmwareesxiMatch6.7670-201908220

vmwareesxiMatch6.7670-201908221

vmwareesxiMatch6.7670-201911001

vmwareesxiMatch6.7670-201912001

vmwareesxiMatch6.7670-201912101

vmwareesxiMatch6.7670-201912102

vmwareesxiMatch6.7670-201912401

vmwareesxiMatch6.7670-201912402

vmwareesxiMatch6.7670-201912403

vmwareesxiMatch6.7670-201912404

vmwareesxiMatch6.7670-201912405

vmwareesxiMatch6.7670-202004001

vmwareesxiMatch6.7670-202004002

vmwareesxiMatch6.7670-202004301

vmwareesxiMatch6.7670-202004401

vmwareesxiMatch6.7670-202004402

vmwareesxiMatch6.7670-202004403

vmwareesxiMatch6.7670-202004404

vmwareesxiMatch6.7670-202004405

vmwareesxiMatch6.7670-202004406

vmwareesxiMatch6.7670-202004407

vmwareesxiMatch6.7670-202004408

vmwareesxiMatch6.7670-202006001

vmwareesxiMatch6.7670-202008001

vmwareesxiMatch7.0-

CPENameOperatorVersion
vmware:cloud_foundationvmware cloud foundationlt3.10
vmware:cloud_foundationvmware cloud foundationlt4.0.1
vmware:vcenter_servervmware vcenter servereq6.5
vmware:vcenter_servervmware vcenter servereq6.7
vmware:vcenter_servervmware vcenter servereq7.0
vmware:esxivmware esxieq6.5
vmware:esxivmware esxieq6.7
vmware:esxivmware esxieq7.0

CPE	Name	Operator	Version
vmware:cloud_foundation	vmware cloud foundation	lt	3.10
vmware:cloud_foundation	vmware cloud foundation	lt	4.0.1
vmware:vcenter_server	vmware vcenter server	eq	6.5
vmware:vcenter_server	vmware vcenter server	eq	6.7
vmware:vcenter_server	vmware vcenter server	eq	7.0
vmware:esxi	vmware esxi	eq	6.5
vmware:esxi	vmware esxi	eq	6.7
vmware:esxi	vmware esxi	eq	7.0

CNA Affected

[
  {
    "product": "ESXi, vCenter Server, and Cloud Foundation",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "ESXi 7.0, 6.7, 6.5, vCenter Server 7.0, 6.7, 6.5, and Cloud Foundation 4.x.x, and 3.x.x release lines."
      }
    ]
  }
]

References

www.vmware.com/security/advisories/VMSA-2020-0018.html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

Related for CVE-2020-3976

ibm1 vmware1 nessus3 prion1 cvelist1 nvd1