6.5
CVSSv2

CVE-2020-3956

Published: 20/05/2020 Updated: 02/06/2020
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

VMware Cloud Director 10.0.x prior to 10.0.0.2, 9.7.0.x prior to 9.7.0.5, 9.5.0.x prior to 9.5.0.6, and 9.1.0.x prior to 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access.

Vulnerability Trend

Affected Products

Vendor Product Versions
VmwareVcloud Director9.5.0.0, 9.5.0.1, 9.5.0.2, 9.5.0.3

Github Repositories

PoC exploit for VMware Cloud Director RCE (CVE-2020-3956)

Recent Articles

VMware Cloud Director flaw lets hackers take over virtual datacenters
BleepingComputer • Ionut Ilascu • 01 Jan 1970

Organizations offering trial accounts for versions of VMware Cloud Director lower than 10.1.0 risk exposing private clouds on their virtualized infrastructure to complete takeover attacks from a threat actor.
A code injection vulnerability exists in VMware Cloud Director (vCloud Director) 10.0.0.2, 9.7.0.5, 9.5.0.6, and 9.1.0.4 that may lead to remote code execution, VMware says in its security advisory.
Cloud Director software allows cloud-service providers around the world to deplo...