Security Vulnerability in VMware NSX-T Products
CVE-2020-3993
5.9MEDIUM
What is CVE-2020-3993?
VMware NSX-T versions prior to 3.0.2 and 2.5.2.2.0 are susceptible to a vulnerability that allows a KVM host to download and install unauthorized packages from the NSX manager. This flaw can potentially be exploited by an attacker positioned to perform a man-in-the-middle (MITM) attack, enabling them to compromise the transport node and put the security of the environment at risk.
Affected Version(s)
VMware NSX-T VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0)