Lucene search

VMwareVMSA-2020-0025

HistoryNov 18, 2020 - 12:00 a.m.

VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)

2020-11-1800:00:00

www.vmware.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.9%

JSON

3a. SQL injection vulnerability due to improper input validation (CVE-2020-3984)

The SD-WAN Orchestrator does not apply correct input validation which allows for SQL-injection. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1.

3b. Directory traversal file execution (CVE-2020-4000)

The SD-WAN Orchestrator allows for executing files through directory traversal. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.

3.c Default passwords Pass-the-Hash Attack (CVE-2020-4001

The SD-WAN Orchestrator has default passwords allowing for a Pass-the-Hash Attack. VMware has evaluated the severity of this issue to be in the moderate severity range.

CPENameOperatorVersion
sd-wan orchestratorlt3.3.2 p3 build 3.3.2-GA-20201103
sd-wan orchestratorlt3.4.4 build R344-20201103-GA
sd-wan orchestratoreq4.x
sd-wan orchestratoreq3.x
sd-wan orchestratorlt4.0.1
sd-wan orchestratorlt3.3.2 p3 build 3.3.2-GA-20201103
sd-wan orchestratorlt3.4.4 build R344-20201103-GA
sd-wan orchestratorlt4.0.1
sd-wan orchestratorlt3.3.2 p3 build 3.3.2-GA-20201103
sd-wan orchestratorlt3.4.4 build R344-20201103-GA

Name	Operator	Version
sd-wan orchestrator	lt	3.3.2 p3 build 3.3.2-GA-20201103
sd-wan orchestrator	lt	3.4.4 build R344-20201103-GA
sd-wan orchestrator	eq	4.x
sd-wan orchestrator	eq	3.x
sd-wan orchestrator	lt	4.0.1
sd-wan orchestrator	lt	3.3.2 p3 build 3.3.2-GA-20201103
sd-wan orchestrator	lt	3.4.4 build R344-20201103-GA
sd-wan orchestrator	lt	4.0.1
sd-wan orchestrator	lt	3.3.2 p3 build 3.3.2-GA-20201103
sd-wan orchestrator	lt	3.4.4 build R344-20201103-GA

Rows per page:

1-10 of 151

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3984

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3985

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4000

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4001

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4002

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4003

docs.vmware.com/en/VMware-SD-WAN-by-VeloCloud/4.0.1/rn/VMware-SD-WAN-401-Release-Notes.html

www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

www.vmware.com/go/download-sd-wan

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.9%

JSON

Related for VMSA-2020-0025