Shulou(Shulou.com)05/31 Report--

How hackers use CVE-2020-3952 to invade VMware vCenter Server, many novices are not very clear about this, in order to help you solve this problem, the following small series will explain in detail for everyone, people who have this need can learn, I hope you can gain something.

VMware has fixed a critical information disclosure vulnerability, CVE-2020-3952, that could allow attackers to compromise vCenter Server or other services using Directory Service (vmdir).

CVE-2020-3952 has a CVSS v3 score of 10 and exists in vCenter Server version 6.7 on Windows systems and virtual appliances.

According to information published by VMware, the vulnerability can only be exploited on vCenter Server upgraded from an older version, and versions of vCenter Server 6.7 installed directly (embedded or external PSC) are not affected.

With the release of version 6.7u3f, VMware fixed the vulnerability.

VMdir in VMware vCenter Server is part of an embedded or external Platform Service Controller (PSC), and vCenter Server uses VMdir for authentication. VMware stated in its security bulletin that VMDIR does not implement access control correctly in certain situations. VMware has assessed the severity of the vulnerability as a CVSS v3 base score of 10.0.

Because the vmdir service creates a log entry when it initially declares that traditional ACL mode is enabled, VMware users can determine whether they are affected by searching the log for vmdir entries.

Here is an example from VMware:

2020-04-06T17:50:41.860526+00:00 info vmdird t@139910871058176: ACLMODE: Legacy

VMware released a security update in March to fix high-risk privilege and denial of service vulnerabilities in Workstation, Fusion, Remote Console, and Horizon Client.

Two of the vulnerabilities are CVE-2020-3950 and CVE-2020-3951.

CVE-2020-3950 is a privilege escalation vulnerability that results from improper use of setuid binary files and allows an attacker to escalate privileges to root.

CVE-2020-3951 is a denial of service vulnerability that stems from a heap overflow issue in Cortado Thinprint.

Did reading the above help you? If you still want to have further understanding of related knowledge or read more related articles, please pay attention to the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.