Critical Vulnerability in VMware Directory Service on vCenter Server v6.7

by Michael Trantas
Senior Solutions Architect

On April 9, 2020, VMware announced a vulnerability (CVE-2020-3952, VMSA-2020-0006) in the VMware Directory Service (vmdir) affecting customers running vCenter Server 6.7. Under certain conditions the vmdir that ships with vCenter Server, as part of either an embedded or an external Platform Services Controller (PSC), does not correctly implement access controls.

A malicious actor with network access to an affected vmdir deployment may be able to extract highly sensitive information that could then be used to compromise vCenter Server or any other service that depends on vmdir for authentication. VMware rated the issue CVSSv3 10.0, the maximum Critical score, and CISA issued an alert echoing that rating.

The vulnerability is resolved by upgrading an affected deployment to 6.7u3f or to 7.0; no workaround is available. See the table below.

Note: vCenter Server 6.7 (embedded or external PSC) prior to 6.7u3f is affected by CVE-2020-3952 only if it was upgraded from an earlier release line such as 6.0 or 6.5. Clean installations of vCenter Server 6.7 (embedded or external PSC) are not affected, and vCenter Server 6.5 and 7.0 are not affected on any platform.

Product         Version  Running On         CVE Identifier  CVSSv3  Severity  Fixed Version  Workarounds  Additional Documentation
vCenter Server  7.0      Any                CVE-2020-3952   N/A     N/A       Unaffected     N/A          N/A
vCenter Server  6.7      Virtual Appliance  CVE-2020-3952   10.0    Critical  6.7u3f         None         KB78543
vCenter Server  6.7      Windows            CVE-2020-3952   10.0    Critical  6.7u3f         None         KB78543
vCenter Server  6.5      Any                CVE-2020-3952   N/A     N/A       Unaffected     N/A          N/A
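Because exposure depends on the deployment's upgrade history rather than on the version string alone, the practical way to confirm whether a 6.7 PSC is in the vulnerable state is to look at which ACL mode vmdird recorded at startup. The script below is an added example, not part of the original post or of VMware's tooling. The log path /var/log/vmware/vmdird/vmdird-syslog.log and the "ACL MODE: Legacy" / "ACL MODE: Normal" markers are taken from my reading of KB78543 and should be confirmed against that KB before relying on them; the sample log lines are constructed for offline demonstration and are not real vmdird output. On the Windows-based vCenter Server the vmdird log lives elsewhere, so pass the log path explicitly there.

```shell
#!/bin/sh
# Added example, not from the original post or from VMware. Classifies a
# vCenter 6.7 PSC by the ACL mode that vmdird records in its log.
# Assumptions (confirm against KB78543): the log path below, and that vmdird
# logs "ACL MODE: Legacy" (vulnerable) or "ACL MODE: Normal" (fixed).

VMDIRD_LOG="${VMDIRD_LOG:-/var/log/vmware/vmdird/vmdird-syslog.log}"

# vmdir_acl_mode FILE -> prints legacy | normal | unknown
vmdir_acl_mode() {
    file="$1"
    if [ ! -r "$file" ]; then
        echo unknown
        return 0
    fi
    # The mode is logged at each vmdird start, so the last line wins:
    # a log that spans the 6.7u3f upgrade shows Legacy first and then Normal.
    last=$(grep 'ACL MODE' "$file" | tail -n 1)
    case "$last" in
        *'ACL MODE: Legacy'*) echo legacy ;;
        *'ACL MODE: Normal'*) echo normal ;;
        *)                    echo unknown ;;
    esac
}

# vmdir_affected FILE -> exit 0 only when the log shows the vulnerable mode
vmdir_affected() {
    [ "$(vmdir_acl_mode "$1")" = legacy ]
}

# Constructed sample logs (not real vmdird output) so the checks run offline.
# Prints the directory that holds them.
make_sample_logs() {
    dir=$(mktemp -d)
    printf '%s\n' \
        '2020-04-09T08:00:01 vmdird: ACL MODE: Legacy' \
        > "$dir/upgraded-from-6.5.log"
    printf '%s\n' \
        '2020-04-09T08:00:01 vmdird: ACL MODE: Legacy' \
        '2020-04-20T09:30:12 vmdird: ACL MODE: Normal' \
        > "$dir/patched-to-6.7u3f.log"
    : > "$dir/rotated-away.log"
    echo "$dir"
}

# report FILE -> human-readable verdict; exit 1 if affected, 2 if undetermined
report() {
    log="$1"
    case "$(vmdir_acl_mode "$log")" in
        legacy) echo "AFFECTED: $log shows legacy ACL mode; upgrade to 6.7u3f or later"; return 1 ;;
        normal) echo "not affected: $log shows normal ACL mode"; return 0 ;;
        *)      echo "undetermined: no ACL MODE line in $log; check rotated logs"; return 2 ;;
    esac
}

# When run on an appliance (or given a log path), report on the live log.
if [ -n "${1:-}" ] || [ -r "$VMDIRD_LOG" ]; then
    report "${1:-$VMDIRD_LOG}"
fi
```

Run it as root on the PSC or embedded vCenter appliance with no arguments, or point it at a copied log with ./check-vmdir-acl.sh /path/to/vmdird-syslog.log. An "undetermined" result usually means the startup line has rotated out of the current file; check the rotated vmdird logs before concluding the host is clean, and treat an "AFFECTED" result as a signal to patch, not as proof that nothing has already been extracted.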

If you would like additional assistance or consulting from the Helient professionals, please contact service@helient.com.