CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: May 3, 2022
High
CISA KEVEPSS 94.4%CVE-2020-3952
VMware—vCenter Server
VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the Platform Services Controller (PSC) does not correctly implement access controls. Successful exploitation allows an attacker with network access to port 389 to extract sensitive information.
EPSS — Exploit Probability
94.4%
Higher than 100.0% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2020-3952
Vulnerability Overview
- Severity
- High
- EPSS
- 94.4%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Nov 3, 2021
- KEV Added
- Nov 3, 2021
- Due Date
- May 3, 2022
- Related Articles
- 0
Vendor
VMware
vCenter Server