VMware.vCenter.VmDirLegacyAccessCheck.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in VMware vCenter.
The vulnerability is due to a validation error in the application when handling maliciously crafted LDAP requests. An unauthenticated attacker can exploit this to create a new Administrator account on the vulnerable system.
Affected Products
vCenter Server 6.7 prior to 6.7u3f is affected by CVE-2020-3952 if it was upgraded from a previous release line such as 6.0 or 6.5.
Clean installations of vCenter Server 6.7 are not affected.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Applied latest upgrade or patch from the vendor:
https://www.vmware.com/security/advisories/VMSA-2020-0006.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-09-10 | 16.921 | Sig Added |
2020-05-12 | 15.842 | Default_action:pass:drop |
2020-05-04 | 15.832 |