CVE-2020-3955

Published: Apr 29, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3.

Vendor	Product	Versions
VMware	ESXi	affected `ESXi 6.5 without patch ESXi650-201912104-SG` affected `ESXi 6.7 without patch ESXi670-202004103-SG`

References

https://www.vmware.com/security/advisories/VMSA-2020-0008.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-3955

Description

Affected Products

References