
====================================================================

                             CERT-Renater

                 Information Note No. 2020/VULN470
_____________________________________________________________________

DATE                : 24/08/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running VMware App Volumes versions prior
                     to 2.18.6, 2006.

=====================================================================
https://www.vmware.com/security/advisories/VMSA-2020-0019.html
_____________________________________________________________________


Moderate

Advisory ID:    VMSA-2020-0019
CVSSv3 Range:   4.5
Issue Date:     2020-08-20
Updated On:     2020-08-20 (Initial Advisory)
CVE(s):         CVE-2020-3975


Synopsis:
VMware App Volumes patches address Stored Cross-Site Scripting (XSS)
vulnerability (CVE-2020-3975)


1. Impacted Products

    VMware App Volumes


2. Introduction

A Stored Cross-Site Scripting (XSS) vulnerability affecting VMware App
Volumes was privately reported to VMware. Updates are available to
address this vulnerability in affected VMware products.


3a. Advisory Details

Description

VMware App Volumes does not correctly validate user input when creating
and editing applications or creating storage groups. VMware has
evaluated the severity of this issue to be in the Moderate severity
range with a maximum CVSSv3 base score of 4.5.


Known Attack Vectors

A malicious actor with access to create and edit applications or create
storage groups may be able to inject malicious script which will be
executed by a victim's browser when the affected page is viewed.


Resolution

To remediate CVE-2020-3975 apply the patches listed in the 'Fixed
Version' column of the 'Response Matrix' below.


Workarounds

None.


Additional Documentation

None.


Notes

None.



Acknowledgements

VMware would like to thank Maarten Pentinga of Dienst Uitvoering
Onderwijs (DUO) for reporting this issue to us.

Response Matrix


Product      Version  Running On  CVE Identifier  CVSSv3  Severity  Fixed Version  Workarounds  Additional Documentation

App Volumes  2.x      Any         CVE-2020-3975   4.5     moderate  2.18.6         None         None

App Volumes  4        Any         CVE-2020-3975   4.5     moderate  2006           None         None


4. References

Fixed Version(s) and Release Notes:


VMware App Volumes 2.18.6
Downloads and Documentation:
https://my.vmware.com/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_app_volumes/2_x
https://docs.vmware.com/en/VMware-App-Volumes/2.18.6/rn/VMware-App-Volumes-2186-Release-Notes.html


VMware App Volumes 4 (2006)
Downloads and Documentation:
https://my.vmware.com/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_app_volumes/4_x
https://docs.vmware.com/en/VMware-App-Volumes/2006/rn/VMware-App-Volumes-4-version-2006.html


Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3975


FIRST CVSSv3 Calculator:
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N


5. Change Log

2020-08-20 VMSA-2020-0019
Initial security advisory.


6. Contact

E-mail list for product security notifications and announcements:

https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce


This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com


E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055


VMware Security Advisories

https://www.vmware.com/security/advisories


VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html


VMware Lifecycle Support Phases

https://www.vmware.com/support/policies/lifecycle.html


VMware Security & Compliance Blog

https://blogs.vmware.com/security


Twitter
https://twitter.com/VMwareSRC



Copyright 2020 VMware Inc. All rights reserved.

=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================