On April 9, 2020, VMware vCenter Server updates were issued, which address sensitive information disclosure vulnerability in the VMware Directory Service "vmdir" (CVE-2020-3952). A malicious actor with network access to an affected deployment may be able to extract highly sensitive information which could be used to compromise vCenter Server or other services. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 10.0.
Lien vers l'article source