Advisory Severity Critical VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952)

by

VMWare just posted this advisory:
https://www.vmware.com/security/advisories/VMSA-2020-0006.html

vCenters affected:
vCenter Server 6.7 (embedded or external PSC) prior to 6.7u3f is affected by CVE-2020-3952. Only if it was upgraded from previous versions 6.0 or 6.5. Clean installations of vCenter Server 6.7 (embedded or external PSC) are not affected.

KB to determine if your vCenter is affected:
https://kb.vmware.com/s/article/78543

Resolution:
Upgrade to 6.7U3f or 7.0.

My blog article on performing in place upgrade on existing 6.7 vCenter to 6.7 U3f
https://digitalthoughtdisruption.com/2020/04/11/how-to-upgrade-vmware-vcenter-6-7-u1-u2-u3-to-6-7-u3f/

1 thought on “Advisory Severity Critical VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952)”

  1. Pingback: How to Upgrade VMWare vCenter 6.7 U1 U2 U3 to 6.7 U3f – Digital Thought Disruption

Leave a Reply

Discover more from Digital Thought Disruption

Subscribe now to keep reading and get access to the full archive.

Continue reading