Advisory ID VMSA-2020-0010
Advisory Severity Important
CVSSv3 Range 8.8
Synopsis VMware Cloud Director updates address Code Injection Vulnerability (CVE-2020-3956)
Issue Date 2020-05-19
Updated On 2020-05-19 (Initial version)
CVE(s) CVE-2020-3956

1. Impacted Products

VMware Cloud Director (formerly known as vCloud Director)

2. Introduction

A code injection vulnerability in VMware Cloud Director was privately reported to VMware. Patches and workarounds are available to remediate or work around this vulnerability in affected VMware products.

3. VMware Cloud Director updates address Code Injection Vulnerability (CVE-2020-3956)

Description:
VMware Cloud Director does not properly handle input, leading to a code injection vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8.

Known Attack Vectors:

An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access.

Resolution:
To remediate CVE-2020-3956 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
Workarounds for CVE-2020-3956 have been documented in the VMware Knowledge Base article listed in the 'Workarounds' column of the 'Response Matrix' found below.

Additional Documentation:
None.

Notes:
None.
Acknowledgements:

VMware would like to thank Tomáš Melicher and Lukáš Václavík of Citadelo for reporting this issue to us.

4. Response Matrix

Product                 Version  Running On                 CVE Identifier  CVSSv3  Severity   Fixed Version  Workarounds  Additional Documentation
VMware Cloud Director   10.1.0   Linux, PhotonOS appliance  CVE-2020-3956   N/A     N/A        Not affected   N/A          N/A
vCloud Director         10.0.x   Linux, PhotonOS appliance  CVE-2020-3956   8.8     Important  10.0.0.2       KB79091      None
vCloud Director         9.7.x    Linux, PhotonOS appliance  CVE-2020-3956   8.8     Important  9.7.0.5        KB79091      None
vCloud Director         9.5.x    Linux, PhotonOS appliance  CVE-2020-3956   8.8     Important  9.5.0.6        KB79091      None
vCloud Director         9.1.x    Linux                      CVE-2020-3956   8.8     Important  9.1.0.4        KB79091      None
vCloud Director         9.0.x    Linux                      CVE-2020-3956   N/A     N/A        Not affected   N/A          N/A
vCloud Director         8.x      Linux                      CVE-2020-3956   N/A     N/A        Not affected   N/A          N/A
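The following is an added example, not VMware's code or part of this advisory: a small triage helper that classifies deployed vCloud Director / VMware Cloud Director version strings against the Response Matrix above, so an inventory can be checked for hosts still needing the fixed build. It assumes versions are plain dotted numerics such as "9.7.0.4"; the hostnames and versions in the sample inventory are constructed.

```python
"""Triage Cloud Director versions against the VMSA-2020-0010 Response Matrix.
Added example, not VMware's code. Assumes dotted numeric versions ("9.7.0.4")."""
from typing import Dict, List, Optional, Tuple

# Transcribed from the advisory: (version prefix of the row, fixed version).
# A fixed version of None means the row is listed as "Not affected".
RESPONSE_MATRIX: List[Tuple[Tuple[int, ...], Optional[Tuple[int, ...]]]] = [
    ((10, 1, 0), None),            # VMware Cloud Director 10.1.0: Not affected
    ((10, 0),    (10, 0, 0, 2)),   # vCloud Director 10.0.x: fixed in 10.0.0.2
    ((9, 7),     (9, 7, 0, 5)),    # vCloud Director 9.7.x:  fixed in 9.7.0.5
    ((9, 5),     (9, 5, 0, 6)),    # vCloud Director 9.5.x:  fixed in 9.5.0.6
    ((9, 1),     (9, 1, 0, 4)),    # vCloud Director 9.1.x:  fixed in 9.1.0.4
    ((9, 0),     None),            # vCloud Director 9.0.x:  Not affected
    ((8,),       None),            # vCloud Director 8.x:    Not affected
]

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn "9.7.0.4" into (9, 7, 0, 4); raises ValueError on non-numeric input."""
    return tuple(int(p) for p in text.strip().split("."))

def assess(version: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_version); status is "vulnerable", "fixed",
    "not affected" or "unknown" (version not covered by the matrix)."""
    try:
        v = parse_version(version)
    except ValueError:
        return ("unknown", None)
    for prefix, fixed in RESPONSE_MATRIX:
        if v[: len(prefix)] != prefix:
            continue                      # not this row of the matrix
        if fixed is None:
            return ("not affected", None)
        fixed_str = ".".join(map(str, fixed))
        # Tuple comparison treats a shorter "9.7.0" as older than "9.7.0.5".
        return ("fixed" if v >= fixed else "vulnerable", fixed_str)
    return ("unknown", None)

def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> fixed version to apply, for every host still vulnerable."""
    todo: Dict[str, str] = {}
    for host, ver in inventory.items():
        status, fixed = assess(ver)
        if status == "vulnerable" and fixed is not None:
            todo[host] = fixed
    return todo

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {"vcd-a": "9.7.0.4", "vcd-b": "10.0.0.2", "vcd-c": "8.20.0"}
    for host, fixed in triage(sample).items():
        print(f"{host}: apply {fixed} (VMSA-2020-0010; workaround in KB79091)")
```

Hosts reported as "unknown" (for example a 10.1.x build other than 10.1.0) fall outside the advisory's matrix and should be checked against the vendor's current guidance rather than assumed safe.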

5. Change log
2020-05-19 VMSA-2020-0010
Initial security advisory.

6. Contact

E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following list:
security-announce@lists.vmware.com

E-mail:
security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055

VMware Security Advisories
https://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC


Copyright 2020 VMware Inc. All rights reserved.
