8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.887 High
EPSS
Percentile
98.7%
3a. Advisory Details
VMware Cloud Director does not properly handle input leading to a code injection vulnerability. VMware has evaluated the severity of this issue to be in the Imporant severity range with a maximum CVSSv3 base score of 8.8.
CPE | Name | Operator | Version |
---|---|---|---|
vmware cloud director | lt | 10.0.0.2 | |
vmware cloud director | lt | 9.7.0.5 | |
vmware cloud director | lt | 9.5.0.6 | |
vmware cloud director | lt | 9.1.0.4 |
www.vmware.com/go/download/vcloud-director
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3956
docs.vmware.com/en/VMware-Cloud-Director/10.0/rn/VMware-vCloud-Director-for-Service-Providers-10002-Release-Notes.html
docs.vmware.com/en/VMware-Cloud-Director/9.1/rn/vCloud-Director-9104-for-Service-Providers-Release-Notes.html
docs.vmware.com/en/VMware-Cloud-Director/9.5/rn/vCloud-Director-9506-for-Service-Providers-Release-Notes.html
docs.vmware.com/en/VMware-Cloud-Director/9.7/rn/VMware-vCloud-Director-for-Service-Providers-9705-Release-Notes.html
kb.vmware.com/s/article/79091
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.887 High
EPSS
Percentile
98.7%