CVE-2020-3952

🗓️ 10 Apr 2020 13:55:36Reported by vmwareType

VMware vCenter Server vmdir access control vulnerabilit

Reporter	Title	Published	Views	Family All 41
0daydb	QuickBox Pro 2.1.8 CVE-2020-13448 - Remote Code Execution	3 Jun 202015:51	–	0daydb
0daydb	macOS/x64 zsh RickRolling - Shellcode	2 Jun 202013:54	–	0daydb
0daydb	VMware vCenter Server 6.7 CVE-2020-3952 - Authentication Bypass	3 Jun 202015:50	–	0daydb
0day.today	VMware vCenter Server 6.7 - Authentication Bypass Exploit	1 Jun 202000:00	–	zdt
GithubExploit	Exploit for Missing Authentication for Critical Function in Vmware Vcenter_Server	15 Apr 202000:51	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Vmware Vcenter_Server	19 Apr 202018:35	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Vmware Vcenter_Server	16 Apr 202007:40	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Vmware Vcenter_Server	15 Apr 202000:51	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Vmware Vcenter_Server	17 Apr 202012:39	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Vmware Vcenter_Server	16 Apr 202001:39	–	githubexploit

[
  {
    "product": "VMware vCenter Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "vCenter Server 6.7 (embedded or external PSC) prior to 6.7u3f is affected by CVE-2020-3952 if it was upgraded from a previous release line such as 6.0 or 6.5. Clean installations of vCenter Server 6.7 (embedded or external PSC) are not affected."
      }
    ]
  }
]

Source	Link
vmware	www.vmware.com/security/advisories/VMSA-2020-0006
packetstormsecurity	www.packetstormsecurity.com/files/157896/VMware-vCenter-Server-6.7-Authentication-Bypass.html

02 Jun 2020 15:06Current

9.5High risk

Vulners AI Score9.5

EPSS0.90384