CVE-2020-3952

Description from NVD

Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.

Information Acquisition Date:2021-04-27T10:40Z
CVSS 2.0: 6.8 MEDIUM CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD References

 https://www.vmware.com/security/advisories/VMSA-2020-0006
     source:MISC
     tags:Vendor Advisory    
 http://packetstormsecurity.com/files/157896/VMware-vCenter-Server-6.7-Authentication-Bypass.html
     source:MISC
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: VMware(2 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...244
https://lists.astaro.com/ASGV9-IPS-rules.html31
https://www.reddit.com/r/netsec24
http://canyoupwn.me15
http://cyber.guardicore.com/click.track?CID=429820&AFID=434...7
https://www.tenable.com/blog/cve-2020-3952-sensitive-inform...6
https://www.helpnetsecurity.com/2020/04/14/cve-2020-3952/5
https://0day.life/vmware-vcenter-server-6-7-cve-2020-3952-a...4
https://vuldb.com/?id.1530354
https://github.com/guardicore/vmware_vcenter_cve_2020_39524
https://isc.sans.edu/diary/rss/260064
https://twitter.com/sans_isc/status/12487309938691440663
https://kb.vmware.com/s/article/785433
http://Securitylab.ru3
https://www.vmware.com/security/advisories/VMSA-2020-0006.html3
https://blogs.vmware.com/vsphere/2020/04/vsphere-vmsa-2020-...3
https://go.newsfusion.com//security/item/16268433
https://www.viktorious.nl/2020/04/20/vmware-cloud-foundatio...3
https://securityaffairs.co/wordpress/101388/security/cve-20...3
https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cv...3
https://noticiasseguridad.com/vulnerabilidades/tomar-el-con...3

Information from Twitter

User URL Info Source Date
VulmonFeeds http://vulmon.com/vulnerabilitydetails?qid=CVE-2020-3952 Source VulmonFeeds      1435764017038037000 2021/09/09
VulmonFeeds https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so... Source VulmonFeeds      1435764017038037000 2021/09/09
VulmonFeeds http://vulmon.com/vulnerabilitydetails?qid=CVE-2020-3952 Source VulmonFeeds      1443940616023461888 2021/10/01

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com244
lists.astaro.com31
www.reddit.com24
canyoupwn.me15
cyber.guardicore.com7
www.tenable.com6
www.helpnetsecurity.com5
0day.life4
vuldb.com4
github.com4
isc.sans.edu4
twitter.com3
kb.vmware.com3
Securitylab.ru3
www.vmware.com3
blogs.vmware.com3
go.newsfusion.com3
www.viktorious.nl3
securityaffairs.co3
www.guardicore.com3
noticiasseguridad.com3

Information from Twitter

User URL Info Source
VulmonFeeds vulmon.com Show Tweet
VulmonFeeds alerts.vulmon.com Show Tweet
VulmonFeeds vulmon.com Show Tweet
GitHub Search Results: Up to 10
NameURL
No Data
GitHub Search Results: Up to 10
NameURL
No Data
2021/10/01 Score : 1
Added Har-sia Database : 2020/04/10
Last Modified : 2021/10/01
Highest Scored Date : 2020/04/11
Highest Score : 63