There’s a new high-severity remote code execution (RCE) vulnerability in VMware Cloud Director.
Tracked as CVE-2020-3956, the flaw is a code injection issue: an authenticated attacker can send malicious traffic to Cloud Director, which could then lead to arbitrary code execution.
What is VMware Cloud Director?
According to its official website, VMware Cloud Director is a leading cloud service-delivery platform used by some of the world’s most popular cloud providers to operate and manage successful cloud-service businesses. With the help of VMware Cloud Director, cloud providers deliver secure, efficient, and elastic cloud resources to thousands of enterprises and IT teams globally.
More about CVE-2020-3956
According to the company’s official advisory, VMware Cloud Director doesn’t properly handle input, which leads to a code injection vulnerability. VMware has evaluated the severity of the flaw to be in the Important severity range with a maximum CVSSv3 base score of 8.8, the advisory says.
How can the CVE-2020-3956 vulnerability be exploited?
The flaw is exploitable by an authenticated threat actor, who can send malicious traffic to VMware Cloud Director. This action could then lead to arbitrary code execution. The flaw is exploitable through the HTML5- and Flex-based user interfaces, the API Explorer interface and API access.
How can the vulnerability be addressed?
To mitigate the CVE-2020-3956 flaw, affected parties should download and apply the patches, which are already available.