vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypass Adapter authentication.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2020-0003.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: vmware
Published: 2020-02-19T20:03:57
Updated: 2020-02-19T20:03:57
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-3944
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-19T21:15:11.513
Modified: 2020-02-26T20:07:07.060
Link: CVE-2020-3944
JSON object: View
Redhat Information
No data.
CWE