VMware’s Cloud Director platform, used by many corporations and providers to manage cloud infrastructure, has a vulnerability that could allow attackers to gain access to the stored data. Rated 8.8 on the Common Vulnerability Scoring System (CVSS) and assigned CVE-2020-3956, this code-injection vulnerability in the cloud service-delivery platform could allow an attacker to gain access to the data on the cloud and take control of enterprise private clouds. Patches have been released by VMWare to fix the vulnerability. According to Citadelo, an ethical hacking company, this flaw can be exploited to not only access the stored information but can also modify the login section to gain administrator access and view hashed passwords of all of its users.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.