// For flags

CVE-2020-3956

vCloud Director 9.7.0.15498291 - Remote Code Execution

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access.

VMware Cloud Director versiones 10.0.x anteriores a 10.0.0.2, versiones 9.7.0.x anteriores a 9.7.0.5, versiones 9.5.0.x anteriores a 9.5.0.6 y versiones 9.1.0.x anteriores a 9.1.0.4, no manejan apropiadamente la entrada conllevando a una vulnerabilidad de inyección de código. Un actor autenticado puede ser capaz de enviar tráfico malicioso a VMware Cloud Director, lo que puede conllevar a una ejecución de código remota arbitraria. Esta vulnerabilidad puede ser explotada por medio de las interfaces de usuario basadas en HTML5 y Flex, la interfaz del Explorador de la API y el acceso a la API.

vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-30 CVE Reserved
  • 2020-05-20 CVE Published
  • 2020-06-02 First Exploit
  • 2024-08-04 CVE Updated
  • 2024-10-31 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 9.5.0.0 < 9.5.0.6
Search vendor "Vmware" for product "Vcloud Director" and version " >= 9.5.0.0 < 9.5.0.6"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Safe
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 9.5.0.0 < 9.5.0.6
Search vendor "Vmware" for product "Vcloud Director" and version " >= 9.5.0.0 < 9.5.0.6"
-
Affected
in Vmware
Search vendor "Vmware"
Photon Os
Search vendor "Vmware" for product "Photon Os"
--
Safe
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 9.7.0.0 < 9.7.0.5
Search vendor "Vmware" for product "Vcloud Director" and version " >= 9.7.0.0 < 9.7.0.5"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Safe
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 9.7.0.0 < 9.7.0.5
Search vendor "Vmware" for product "Vcloud Director" and version " >= 9.7.0.0 < 9.7.0.5"
-
Affected
in Vmware
Search vendor "Vmware"
Photon Os
Search vendor "Vmware" for product "Photon Os"
--
Safe
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 10.0.0.0 < 10.0.0.2
Search vendor "Vmware" for product "Vcloud Director" and version " >= 10.0.0.0 < 10.0.0.2"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Safe
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 10.0.0.0 < 10.0.0.2
Search vendor "Vmware" for product "Vcloud Director" and version " >= 10.0.0.0 < 10.0.0.2"
-
Affected
in Vmware
Search vendor "Vmware"
Photon Os
Search vendor "Vmware" for product "Photon Os"
--
Safe
Vmware
Search vendor "Vmware"
Vcloud Director
Search vendor "Vmware" for product "Vcloud Director"
>= 9.1.0.0 < 9.1.0.4
Search vendor "Vmware" for product "Vcloud Director" and version " >= 9.1.0.0 < 9.1.0.4"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Safe