CVE-2020-3952

CVE Database · CVE-2020-3952

CVE-2020-3952

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

90.38%

Published

Apr 10, 2020

Modified

Oct 30, 2025

CISA Known Exploited Vulnerability

Added: 2021-11-03 · Due: 2022-05-03

Apply updates per vendor instructions.

Public PoC / Exploit (7)

All weaponized →

Exploit-DBVMware vCenter Server 6.7 - Authentication Bypass NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCguardicore/vmware_vcenter_cve_2020_3952★275 GitHub PoCchronoloper/CVE-2020-3952★4 GitHub PoCFa1c0n35/vmware_vcenter_cve_2020_3952★3 GitHub PoCgelim/CVE-2020-3952★2

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-306CWE-306

Affected Products (1)

vmware · vcenter_servervulnerable

References (5)

http://packetstormsecurity.com/files/157896/VMware-vCenter-Server-6.7-Authentication-Bypass.html

ExploitThird Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2020-0006

Broken LinkVendor Advisory

http://packetstormsecurity.com/files/157896/VMware-vCenter-Server-6.7-Authentication-Bypass.html

ExploitThird Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2020-0006

Broken LinkVendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3952

KEV Catalog EPSS Scores Vendors All CVEs