CVE-2020-3955
N/A
N/A
Summary
ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VMware | ESXi | ESXi 6.5 without patch ESXi650-201912104-SG | affected |
| VMware | ESXi | ESXi 6.7 without patch ESXi670-202004103-SG | affected |
Weaknesses
- Stored Cross-Site-Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.