Monday, July 13, 14:20 p.m.
Home security Critical vulnerability allows VMware vCenter Server access

Critical vulnerability allows VMware vCenter Server access


VMware has fixed a critical one vulnerability, which could allow intruders to gain access to sensitive information.

Vulnerability, known as CVE-2020-3952, has been described as critical and has a CVSSv3 score of 10.

Vulnerability to VMware vCenter Server

In some cases, vmdir does not apply the controls correctly security, which allows attackers to gain access to network and also have access to sensitive information.

Acquiring access In this information, a malicious agent may hack the vCenter server or others services dependent on vmdir for authentication.

If you are using version 6.7 of vCenter Server, it is recommended that you install the 6.7u3f update to fix this critical vulnerability.

According to VMware, "the clean installations of the vCenter Server 6.7 (built-in or external PSC) are not affected by this vulnerability."

In March, VMware faced off attacks escalation of privileges and DoS of high seriousness in Workstation, Fusion, VMware Remote Console and Horizon Client. The company also published the article KB 78543 for more details, in case the development of vCenter Server 6.7 is affected.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


Security experts in Australia: Rely on local technologies

Cyber ​​experts have urged Australia to be less dependent on foreign companies, technologies and know-how for ...

Juniper Networks: fixes critical vulnerabilities in firewalls

Last week, Juniper Networks released an announcement informing its customers that it has fixed some vulnerabilities ...

Malware checks if it is running on Any.Run to avoid parsing

Malware creators have begun to check if their malware is running on the malware analysis service ...

Trump: "The US carried out a cyber attack against Russia in 2018"!

The American President, Donald Trump, admitted for the first time in an interview with the Washington Post that the USA carried out a ...

Russian hacker guilty of Dropbox, LinkedIn, Formspring hacks

Russian hacker Yevgeniy Nikulin was found guilty by a jury for violating LinkedIn, Dropbox ...

Germany: Impose sanctions on Russia over Bundestag hacking

Germany has formally proposed that the European Union impose sanctions on Russian individuals responsible for large-scale hacking of ...

Google Chrome: Increases battery life on laptops and smartphones

While Google's Chrome browser had a tough time, its competitors took the opportunity. In response, the company gave ...

USA: New team investigates financial crimes in cyberspace!

The US Secret Service is joining forces with cybercrime and cybercrime services in a group ...

Hacker stole 336 BTC from cryptocurrency company Cashaa

British cryptocurrency company Cashaa reported that hackers took more than 336 Bitcoin from the company. The company has stopped all ...

Higher fees from Facebook for vulnerabilities in Hermes

In an announcement on Friday, Facebook stated that it is going to increase the rewards in its bug bounty program, for ...