
====================================================================

                             CERT-Renater

                 Note d'Information No. 2020/VULN469
_____________________________________________________________________

DATE                : 24/08/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running VMware ESXi versions prior to
                        ESXi_7.0.0-1.25.16324942, ESXi670-202008101-SG,
                        ESXi670-202008401-BG, ESXi650-202007401-BG,
                        ESXi650-202007101-SG,
                     VMware vCenter Server versions prior to 7.0.0b,
                        6.7u3j, 6.5u3k,
                     VMware Cloud Foundation versions prior to 4.0.1,
                        3.10.0, Release Pending (3.10.1).

=====================================================================
https://www.vmware.com/security/advisories/VMSA-2020-0018.html
_____________________________________________________________________

Moderate


Advisory ID:  VMSA-2020-0018
CVSSv3 Range: 5.3
Issue Date:   2020-08-20
Updated On:   2020-08-20 (Initial Advisory)
CVE(s):       CVE-2020-3976


Synopsis:
VMware ESXi, vCenter Server, and Cloud Foundation updates address a
partial denial of service vulnerability (CVE-2020-3976)


1. Impacted Products

    VMware ESXi
    VMware vCenter Server
    VMware Cloud Foundation


2. Introduction

A partial denial of service vulnerability in VMware ESXi and vCenter
Server was privately reported to VMware. Patches and updates are
available to remediate this vulnerability in the affected VMware
products.


3. Partial denial of service vulnerability via authentication services
(CVE-2020-3976)

Description

VMware ESXi and vCenter Server contain a partial denial of service
vulnerability in their respective authentication services. VMware has
evaluated the severity of this issue to be in the Moderate severity
range with a maximum CVSSv3 base score of 5.3.

Known Attack Vectors

A malicious actor with network access to ESXi or vCenter may be able to
exploit this vulnerability to exhaust memory resources, degrading
performance for as long as the attack is sustained.


Resolution

To remediate CVE-2020-3976 apply the patches listed in the 'Fixed
Version' column of the 'Response Matrix' found below.


Workarounds

None.


Additional Documentation

None.


Acknowledgements

VMware would like to thank weinull of Orz Team for reporting this issue
to us.


Notes

None.


Response Matrix

Product                     Version  Running On  CVE Identifier  CVSSv3  Severity  Fixed Version                               Workarounds  Additional Documentation
--------------------------  -------  ----------  --------------  ------  --------  ------------------------------------------  -----------  ------------------------
ESXi                        7.0      Any         CVE-2020-3976   5.3     moderate  ESXi_7.0.0-1.25.16324942                    None         None
ESXi                        6.7      Any         CVE-2020-3976   5.3     moderate  ESXi670-202008101-SG, ESXi670-202008401-BG  None         None
ESXi                        6.5      Any         CVE-2020-3976   5.3     moderate  ESXi650-202007401-BG, ESXi650-202007101-SG  None         None
Cloud Foundation (ESXi)     4.x.x    Any         CVE-2020-3976   5.3     moderate  4.0.1                                       None         None
Cloud Foundation (ESXi)     3.x.x    Any         CVE-2020-3976   5.3     moderate  3.10.0                                      None         None
vCenter Server              7.0      Any         CVE-2020-3976   5.3     moderate  7.0.0b                                      None         None
vCenter Server              6.7      Any         CVE-2020-3976   5.3     moderate  6.7u3j                                      None         None
vCenter Server              6.5      Any         CVE-2020-3976   5.3     moderate  6.5u3k                                      None         None
Cloud Foundation (vCenter)  4.x.x    Any         CVE-2020-3976   5.3     moderate  4.0.1                                       None         None
Cloud Foundation (vCenter)  3.x.x    Any         CVE-2020-3976   5.3     moderate  Release Pending (3.10.1)                    None         None


4. References

Downloads and Documentation:



VMware ESXi Patch Release 7.0b

https://my.vmware.com/group/vmware/patch
https://docs.vmware.com/en/VMware-vSphere/7.0/rn/esxi70b.html


VMware ESXi 6.7 ESXi670-202008101-SG and ESXi670-202008401-BG

https://my.vmware.com/group/vmware/patch


VMware ESXi 6.5 ESXi650-202007101-SG and ESXi650-202007401-BG

https://my.vmware.com/group/vmware/patch
https://docs.vmware.com/en/VMware-vSphere/6.5/rn/esxi650-202007001.html


vCenter Server 7.0.0b

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VC700B&productId=974&rPId=50093

https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-vcenter-server-700b-release-notes.html


vCenter Server 6.7u3j

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VC67U3J&productId=742&rPId=50446

https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-67u3j-release-notes.html


vCenter Server 6.5u3k

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VC65U3K&productId=614&rPId=50173

https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u3k-release-notes.html


VMware Cloud Foundation 4.0.1

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VCF401&productId=1015&rPId=48125


VMware Cloud Foundation 3.10.0

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VCF310&productId=1001&rPId=46540


VMware Cloud Foundation 3.10.1

** Release Pending **



Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3976

FIRST CVSSv3 Calculator:
CVE-2020-3976 -
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L


5. Change Log

2020-08-20 VMSA-2020-0018

Initial security advisory.


6. Contact

E-mail list for product security notifications and announcements:

https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce



This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com

bugtraq@securityfocus.com

fulldisclosure@seclists.org



E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055


VMware Security Advisories

https://www.vmware.com/security/advisories



VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html



VMware Lifecycle Support Phases

https://www.vmware.com/support/policies/lifecycle.html



VMware Security & Compliance Blog

https://blogs.vmware.com/security



Twitter

https://twitter.com/VMwareSRC



Copyright 2020 VMware Inc. All rights reserved.


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================


