VMware has evaluated the severity of this issue to be in the Critical severity range
VMware has evaluated the severity of this issue to be in the Critical severity range

On 4/9/2020, VMware announced a critical security vulnerability (advisory VMSA-2020-0006) affecting vCenter.

The vulnerability rates a 10 out of 10 on the CVSSv3 scale due to the high likelihood of an attacker exploiting it.

Due to incorrect access controls to the VMware Directory Service service on vCenter, a malicious actor may be able to extract sensitive information to compromise the vCenter Server or other services. As per VMware’s advisory, clean installations of vCenter 6.7 are unaffected, but any vCenter platform upgraded from vCenter 6.0 and 6.5 are vulnerable and should be updated to vCenter 6.7u3f.

SCTG is already mitigating this vulnerability on all internal systems and customer platforms. We will be reaching out to our cloud customers ASAP to ensure their environments are updated.

As always, our Managed Services team is standing by to help. If you have any questions, please submit a support request through the customer portal or call us at 312-829-1111 Ext 2.

SCTG

111 W. Jackson Blvd #1600
Chicago, IL 60604
sales@servercentral.com
+1 312-829-1111

© 2020 ServerCentral Turing Group