Horizon Adapter instances created
The three vulnerabilities in
Trinh did not share technical details about the vulnerabilities.
The most severe issue, tracked as CVE-2020-3943, is a remote code execution flaw rated as critical that can be exploited by an
“vRealize Operations for Horizon Adapter uses a
The second flaw, tracked as CVE-2020-3944 and rated high severity, could allow an
“vRealize Operations for Horizon Adapter has an improper trust store configuration leading to authentication bypass. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.6.” continues the advisory.
The last flaw, tracked as CVE-2020-3945 and rated as moderate severity, is an information disclosure vulnerability caused by “incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View.”
The flaws affect
(SecurityAffairs – hacking, IOTA foundation)