logo
DATABASE RESOURCES PRICING ABOUT US

VMware vCenter Server 6.7 Sensitive Information Disclosure Vulnerability (VMSA-2020-0006)

Description

The version of VMware vCenter Server installed on the remote host is 6.7 prior to U3F, and is, therefore, affected by an information disclosure vulnerability caused by insufficient access controls in vmdir. This allows an attacker with network access to an affected vmdir deployment may be able to extract highly sensitive information. This information can be used to compromise the vCenter Server or other services which depends on VMware directory service authentication. (CVE-2020-3952) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related