Vulnerability CVE-2020-3993

Vulnerability Name:

CVE-2020-3993 (CCN-190041)

Assigned:

2019-12-30

Published:

2020-10-20

Updated:

2020-10-30

Summary:

VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node.

CVSS v3 Severity:

5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.1 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-noinfo

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2020-3993

Source: XF
Type: UNKNOWN
vmware-cve20203993-sec-bypass(190041)

Source: CCN
Type: VMware Security Advisory VMSA-2020-0023
VMware ESXi, Workstation, Fusion and NSX-T updates address multiple security vulnerabilities

Source: MISC
Type: Patch, Vendor Advisory
https://www.vmware.com/security/advisories/VMSA-2020-0023.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:vmware:cloud_foundation:*:*:*:*:*:*:*:* (Version >= 3.0 and < 3.10.1.1)

OR cpe:/a:vmware:cloud_foundation:*:*:*:*:*:*:*:* (Version >= 4.0 and < 4.1)

OR cpe:/a:vmware:nsx-t_data_center:*:*:*:*:*:*:*:* (Version >= 2.5.0 and < 2.5.2.2.0)

OR cpe:/a:vmware:nsx-t_data_center:*:*:*:*:*:*:*:* (Version >= 3.0.0 and < 3.0.2)

Denotes that component is vulnerable

BACK