{"vulnerability": "CVE-2020-3956", "sightings": [{"uuid": "5bf243dc-275e-4d7f-bdf6-918500136f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-3956", "type": "seen", "source": "https://t.me/SecLabNews/7741", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Citadelo \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2020-3956) \u0432 \u041f\u041e VMware Cloud Director. \u0415\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0447\u0430\u0441\u0442\u043d\u044b\u043c\u0438 \u043e\u0431\u043b\u0430\u043a\u0430\u043c\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0432\u0441\u0435\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.    \nRCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 VMware Cloud Director \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b", "creation_timestamp": "2020-06-02T16:05:02.000000Z"}, {"uuid": "e4c472e3-576b-4ea1-b510-48ce4ce7a9d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-3956", "type": "seen", "source": "https://t.me/information_security_channel/38298", "content": "Recently, a group of security researchers at Citadelo has revealed a new vulnerability in VMware Cloud Director, a leading cloud service-delivery platform that could potentially allow an attacker to access sensitive data and control private clouds within the infrastructure. The security researchers have marked the flaw as \u2018CVE-2020-3956\u2018, even they have also claimed that the [\u2026]\nThe post Critical VMware Cloud Director Bug Let Hackers Complete Take Over the Corporate Server Infrastructure (https://gbhackers.com/critical-vmware-cloud-director-bug/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-06-04T05:14:56.000000Z"}, {"uuid": "dc625b9e-9a94-48d7-ae0e-8b10a131fdc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-3956", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/717", "content": "{NEW} Researchers disclose details + PoC for a critical vulnerability (CVE-2020-3956) in VMware's Cloud Director platform that could let attackers compromise private clouds within an entire infrastructure and access to sensitive information.\n\nhttps://thehackernews.com/2020/06/vmware-cloud-director-exploit.html", "creation_timestamp": "2020-06-02T07:45:47.000000Z"}, {"uuid": "a9b0c9db-64a5-44be-84d4-b28be64ef7ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-3956", "type": "published-proof-of-concept", "source": "https://t.me/antichat/8428", "content": "FULL INFRASTRUCTURE TAKEOVER OF VMWARE CLOUD DIRECTOR (CVE-2020-3956)\nhttps://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/", "creation_timestamp": "2020-06-02T08:45:46.000000Z"}, {"uuid": "a188f06d-cdc0-4599-a3bf-869dfbdf7395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-3956", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6469", "content": "FULL INFRASTRUCTURE TAKEOVER OF VMWARE CLOUD DIRECTOR (CVE-2020-3956)\nhttps://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/", "creation_timestamp": "2020-06-02T10:44:56.000000Z"}, {"uuid": "9071e902-be06-43a9-8efa-26e6fee7c486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-3956", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1212", "content": "#exploit\nCVE-2020-3956:\nVMware Cloud Director (10.0.x-10.0.0.2, 9.7.0.x-9.7.0.5, 9.5.0.x-9.5.0.6, 9.1.0.x-9.1.0.4) - Arbitrary RCE (analysis + PoC)\nhttps://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/", "creation_timestamp": "2024-09-10T16:09:29.000000Z"}]}