cve-2020-3994
Vulnerability from cvelistv5
Published
2020-10-20 16:14
Modified
2024-08-04 07:52
Severity ?
EPSS score ?
0.11%
(0.45387)
Summary
VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.
References
▼ | URL | Tags | |
---|---|---|---|
security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | vCenter Server |
Version: vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:52:20.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vCenter Server", vendor: "n/a", versions: [ { status: "affected", version: "vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k)", }, ], }, ], descriptions: [ { lang: "en", value: "VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.", }, ], problemTypes: [ { descriptions: [ { description: "Session hijack vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-20T16:14:24", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.vmware.com/security/advisories/VMSA-2020-0023.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@vmware.com", ID: "CVE-2020-3994", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "vCenter Server", version: { version_data: [ { version_value: "vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Session hijack vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "https://www.vmware.com/security/advisories/VMSA-2020-0023.html", refsource: "MISC", url: "https://www.vmware.com/security/advisories/VMSA-2020-0023.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2020-3994", datePublished: "2020-10-20T16:14:24", dateReserved: "2019-12-30T00:00:00", dateUpdated: "2024-08-04T07:52:20.505Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0\", \"versionEndExcluding\": \"3.9\", \"matchCriteriaId\": \"102115DE-F589-4153-9597-160D82FBAFC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DD16169-A7DF-4604-888C-156A60018E32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*\", \"matchCriteriaId\": \"46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*\", \"matchCriteriaId\": \"D26534EB-327B-4ED6-A3E1-005552CB1F9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*\", \"matchCriteriaId\": \"786CDD50-7E18-4437-8DB9-2D0ADECD436E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2CE8DAE-0E78-4004-983D-1ECD8855EC33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E51F433-1152-4E94-AF77-970230B1A574\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*\", \"matchCriteriaId\": \"0064D104-E0D8-481A-9029-D3726A1A9CF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B4D3F61-6CD9-411F-A205-EB06A57EBB4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*\", \"matchCriteriaId\": \"F72A1E9C-F960-4E8C-A46C-B38209E6349E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C33CE46-F529-4EA9-9344-6ED3BFA7019D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F1D8161-0E02-45C9-BF61-14799AB65E03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F2CB1FF-6118-4875-945D-07BAA3A21FFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDDC6510-3116-4578-80C8-8EF044A8370A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*\", \"matchCriteriaId\": \"8678DB48-CB98-4E4C-ADE6-CABA73265FEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBD9A341-1FBF-4E04-848B-550DEB27261A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"4955663C-1BB6-4F3E-9D4B-362DF144B7F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE0F8453-3D6C-4F1C-9167-3F02E3D905DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E456F84C-A86E-4EA9-9A3E-BEEA662136E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"5241C282-A02B-44B2-B6CA-BA3A99F9737C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*\", \"matchCriteriaId\": \"04A60AC7-C2EA-4DBF-9743-54D708584AFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A91B0C4-F184-459E-AFD3-DE0E351CC964\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"23253631-2655-48A8-9B00-CB984232329C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*\", \"matchCriteriaId\": \"50C2A9A8-0E66-4702-BCD4-74622108E7A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE4D3E2A-C32D-408F-B811-EF8BC86F0D34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*\", \"matchCriteriaId\": \"31CA7802-D78D-4BAD-A45A-68B601C010C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B98981B-4721-4752-BAB4-361DB5AEB86F\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.\"}, {\"lang\": \"es\", \"value\": \"VMware vCenter Server (versiones 6.7 anteriores a 6.7u3, versiones 6.6 anteriores a 6.5u3k), contiene una vulnerabilidad de secuestro de sesi\\u00f3n en la funci\\u00f3n de actualizaci\\u00f3n de la vCenter Server Appliance Management Interface debido a la falta de comprobaci\\u00f3n del certificado. Un actor malicioso con posicionamiento de red entre vCenter Server y un repositorio de actualizaciones puede ser capaz de realizar un secuestro de sesi\\u00f3n cuando la vCenter Server Appliance Management Interface es usado para descargar actualizaciones de vCenter\"}]", id: "CVE-2020-3994", lastModified: "2024-11-21T05:32:07.787", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 7.4, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2020-10-20T17:15:12.967", references: "[{\"url\": \"https://www.vmware.com/security/advisories/VMSA-2020-0023.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2020-0023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]", sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-295\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-3994\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2020-10-20T17:15:12.967\",\"lastModified\":\"2024-11-21T05:32:07.787\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.\"},{\"lang\":\"es\",\"value\":\"VMware vCenter Server (versiones 6.7 anteriores a 6.7u3, versiones 6.6 anteriores a 6.5u3k), contiene una vulnerabilidad de secuestro de sesión en la función de actualización de la vCenter Server Appliance Management Interface debido a la falta de comprobación del certificado. Un actor malicioso con posicionamiento de red entre vCenter Server y un repositorio de actualizaciones puede ser capaz de realizar un secuestro de sesión cuando la vCenter Server Appliance Management Interface es usado para descargar actualizaciones de vCenter\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndExcluding\":\"3.9\",\"matchCriteriaId\":\"102115DE-F589-4153-9597-160D82FBAFC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DD16169-A7DF-4604-888C-156A60018E32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*\",\"matchCriteriaId\":\"46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26534EB-327B-4ED6-A3E1-005552CB1F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*\",\"matchCriteriaId\":\"786CDD50-7E18-4437-8DB9-2D0ADECD436E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2CE8DAE-0E78-4004-983D-1ECD8855EC33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E51F433-1152-4E94-AF77-970230B1A574\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"0064D104-E0D8-481A-9029-D3726A1A9CF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B4D3F61-6CD9-411F-A205-EB06A57EBB4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*\",\"matchCriteriaId\":\"F72A1E9C-F960-4E8C-A46C-B38209E6349E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C33CE46-F529-4EA9-9344-6ED3BFA7019D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F1D8161-0E02-45C9-BF61-14799AB65E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F2CB1FF-6118-4875-945D-07BAA3A21FFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDDC6510-3116-4578-80C8-8EF044A8370A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*\",\"matchCriteriaId\":\"8678DB48-CB98-4E4C-ADE6-CABA73265FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBD9A341-1FBF-4E04-848B-550DEB27261A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4955663C-1BB6-4F3E-9D4B-362DF144B7F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE0F8453-3D6C-4F1C-9167-3F02E3D905DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E456F84C-A86E-4EA9-9A3E-BEEA662136E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"5241C282-A02B-44B2-B6CA-BA3A99F9737C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A60AC7-C2EA-4DBF-9743-54D708584AFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A91B0C4-F184-459E-AFD3-DE0E351CC964\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"23253631-2655-48A8-9B00-CB984232329C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"50C2A9A8-0E66-4702-BCD4-74622108E7A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE4D3E2A-C32D-408F-B811-EF8BC86F0D34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*\",\"matchCriteriaId\":\"31CA7802-D78D-4BAD-A45A-68B601C010C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B98981B-4721-4752-BAB4-361DB5AEB86F\"}]}]}],\"references\":[{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2020-0023.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2020-0023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}", }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.