CVE-2020-3956

Published May 20, 2020

Last updated 3 years ago

Overview

Description: VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access.
Source: security@vmware.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-917

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          },
          {
            "criteria": "cpe:2.3:o:vmware:photon_os:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "89F14E0F-78B4-4EBE-89E5-AC9C10C586C5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:vcloud_director:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93F66C4B-2E49-4399-BF02-E2EFE32537D2",
            "versionEndExcluding": "9.5.0.6",
            "versionStartIncluding": "9.5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcloud_director:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BA448BC-B91C-4DDA-8695-481D1E9512FA",
            "versionEndExcluding": "9.7.0.5",
            "versionStartIncluding": "9.7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcloud_director:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DE3918E-A5B8-4390-B693-3B397D717F24",
            "versionEndExcluding": "10.0.0.2",
            "versionStartIncluding": "10.0.0.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:vcloud_director:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1644163E-B0F3-466D-843B-D555562289EB",
            "versionEndExcluding": "9.1.0.4",
            "versionStartIncluding": "9.1.0.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References