Detections
Analytics
ESXi 6.5 / 6.7 XSS (VMSA-2020-0008)
critical Nessus Plugin ID 138475
Language:
Synopsis
The remote VMware ESXi host is missing a security patch and is affected by a cross-site scripting (XSS) vulnerability.Description
The remote VMware ESXi host is version 6.5 or 6.7 and is affected by a cross-site scripting (XSS) vulnerability in virtual machine attributes due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker with access to modify the system properties of a virtual machine from inside the guest OS can exploit this, by inserting script-related HTML in the system properties and having a user view the system properties from the ESXi Host Client, to execute arbitrary script code in a user's ESXi Host Client session.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Apply the appropriate patch as referenced in the vendor advisory.See Also
https://www.vmware.com/security/advisories/VMSA-2020-0008.html
Plugin Details
Severity: Critical
ID: 138475
File Name: vmware_esxi_VMSA-2020-0008.nasl
Version: 1.4
Type: remote
Family: Misc.
Published: 7/15/2020
Updated: 1/4/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.3
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.2
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Score Source: CVE-2020-3955
CVSS v3
Risk Factor: Critical
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:vmware:esxi
Required KB Items: Host/VMware/release, Host/VMware/version
Exploit Ease: No known exploits are available
Patch Publication Date: 4/28/2020
Vulnerability Publication Date: 4/28/2020
Reference Information
CVE: CVE-2020-3955
IAVA: 2020-A-0193-S
VMSA: 2020-0008