CVE-2020-3993 - OpenCVE

VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Vmware	Cloud Foundation Nsx-t Data Center

Configuration 1 [-]

OR	cpe:2.3:a:vmware:cloud_foundation::::::::
	cpe:2.3:a:vmware:cloud_foundation::::::::
	cpe:2.3:a:vmware:nsx-t_data_center::::::::
	cpe:2.3:a:vmware:nsx-t_data_center::::::::

References

Link	Resource
https://www.vmware.com/security/advisories/VMSA-2020-0023.html	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: vmware

Published: 2020-10-20T16:11:19

Updated: 2020-10-20T16:11:19

Reserved: 2019-12-30T00:00:00

Link: CVE-2020-3993

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-10-20T17:15:12.903

Modified: 2020-10-30T16:33:18.477

Link: CVE-2020-3993

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "VMware NSX-T", "vendor": "n/a", "versions": [{"status": "affected", "version": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0)"}]}], "descriptions": [{"lang": "en", "value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node."}], "problemTypes": [{"descriptions": [{"description": "MITM vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-20T16:11:19", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2020-3993", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware NSX-T", "version": {"version_data": [{"version_value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "MITM vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html", "refsource": "MISC", "url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"}]}}}}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2020-3993", "datePublished": "2020-10-20T16:11:19", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2020-10-20T16:11:19", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "A62C8589-3F25-4652-8CAA-EC10C64C2FF8", "versionEndExcluding": "3.10.1.1", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2A68886-4079-4BE1-9E51-6022ED680B86", "versionEndExcluding": "4.1", "versionStartIncluding": "4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:nsx-t_data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AEB649B-3B44-4617-9E1E-F09FF361CD26", "versionEndExcluding": "2.5.2.2.0", "versionStartIncluding": "2.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:nsx-t_data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A62AFA1-331B-4B22-8A67-BA1ED67816CB", "versionEndExcluding": "3.0.2", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node."}, {"lang": "es", "value": "VMware NSX-T (versiones 3.x anteriores 3.0.2, versiones 2.5.x anteriores a 2.5.2.2.0), contiene una vulnerabilidad de seguridad que se presenta en la manera en que permite que un host KVM descargue e instale paquetes desde el administrador de NSX. Un actor malicioso con posicionamiento MITM puede ser capaz de explotar este problema para comprometer el nodo de transporte"}], "id": "CVE-2020-3993", "lastModified": "2020-10-30T16:33:18.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-20T17:15:12.903", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}