. https://www.darkreading.com/vulnerabilities---threats/researchers-explore-details-of-critical-vmware-vulnerability/d/d-id/1337589

home.aspx
   

article
SHARESHARESHARE
RESEARCHERS EXPLORE DETAILS OF CRITICAL VMWARE VULNERABILITY
Researchers have published the details of an investigation into CVE-2020-3952, a major vulnerability in VMware's vCenter that was disclosed and patched on April 9. The flaw was given a CVSS score of 10. CVE-2020-3952 exists in VMware's Directory Service (vmdir), which is a part of VMware vCenter Server, a centralized management platform for virtualized hosts and virtual machines. Through vCenter Server, the company says, an administrator can manage hundreds of workloads. The platform uses single sign-on (SSO), which includes vmdir, Security Token Service, an administration server, and the vCenter Lookup Service. Vmdir is also used for certificate management for the workloads vCenter handles. READ MORE