VMware.vCenter.VmDirLegacyAccessCheck.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in VMware vCenter.
The vulnerability is due to a validation error in the application when handling maliciously crafted LDAP requests. An unauthenticated attacker can exploit this to create a new Administrator account on the vulnerable system.

affected-products-logoAffected Products

vCenter Server 6.7 prior to 6.7u3f is affected by CVE-2020-3952 if it was upgraded from a previous release line such as 6.0 or 6.5.
Clean installations of vCenter Server 6.7 are not affected.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Applied latest upgrade or patch from the vendor:
https://www.vmware.com/security/advisories/VMSA-2020-0006.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-09-10 16.921 Sig Added
2020-05-12 15.842 Default_action:pass:drop
2020-05-04 15.832