CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-3945

HIGH
7.5
CVSS Severity Score
EPSS Score0.1120%
EPSS Percentile1.55th
Published2020年2月19日
Last Modified2024年11月21日

Vulnerability Description

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information

Affected Platforms (CPE)

📦
Vmware

Vrealize Operations

>= 6.6.0 and < 6.6.1
📦
Vmware

Vrealize Operations

>= 6.7.0 and < 6.7.1

References & Advisories

🔗 https://www.vmware.com/security/advisories/VMSA-2020-0003.html
🔗 https://www.vmware.com/security/advisories/VMSA-2020-0003.html

相关漏洞威胁

CVE-2016-745710.0

VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove v...

CVE-2020-39439.8

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not secure...

CVE-2020-39448.6

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration ...

CVE-2016-74628.5

The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary...