VMware Security Announcement VMSA-2020-0008
Today VMware released VMSA-2020-0008. This affects VMware ESXi, and the related patches address a Stored Cross-Site Scripting (XSS) vulnerability that was privately reported to VMware (CVE-2020-3955).
Patch links and information are listed below.
Affected versions: VMware ESXi 6.5 and VMware ESXi 6.7. VMware ESXi 7 is not affected!
VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3955)
The VMware ESXi Host Client does not properly neutralize script-related HTML when viewing virtual machine attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3.
Known Attack Vectors:
A malicious actor with access to modify the system properties of a virtual machine from inside the guest OS (such as changing the hostname of the virtual machine) may be able to inject malicious script which will be executed by a victim's browser when viewing this virtual machine via the ESXi Host Client.
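The flaw class described above, shown as an added example (not VMware's code and not taken from the advisory): guest-reported attributes concatenated into markup versus encoded at output, plus an audit helper that flags guest hostnames that are not plausible hostnames. The field names `name` and `guestHostname`, the function names and the sample inventory are assumptions constructed for illustration.

```javascript
// Added example: all names and sample data are constructed, not VMware code.

// Encode the characters that let text break out of HTML element or attribute context.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// 'Before' pattern: guest-reported text concatenated straight into markup.
function renderRowUnsafe(vm) {
  return "<tr><td>" + vm.name + "</td><td>" + vm.guestHostname + "</td></tr>";
}

// Hardened pattern: every attribute is encoded at the point of output.
function renderRowSafe(vm) {
  return "<tr><td>" + escapeHtml(vm.name) + "</td><td>" + escapeHtml(vm.guestHostname) + "</td></tr>";
}

// RFC 1123 hostname: dot-separated labels of letters, digits and hyphens,
// each 1-63 characters, not starting or ending with a hyphen.
const LABEL = /^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$/;
function isPlausibleHostname(value) {
  return typeof value === "string" && value.length > 0 && value.length <= 253 &&
    value.split(".").every((label) => LABEL.test(label));
}

// Audit helper: names of VMs whose guest-reported hostname fails the check,
// so an administrator can review them before opening the management UI.
function auditInventory(inventory) {
  return inventory.filter((vm) => !isPlausibleHostname(vm.guestHostname)).map((vm) => vm.name);
}

// Constructed sample inventory (the second entry carries markup in the hostname).
const sampleInventory = [
  { name: "web01", guestHostname: "web01.example.internal" },
  { name: "db02", guestHostname: "<script>alert(1)</script>" },
  { name: "app03", guestHostname: "app03" },
];

console.log("Flagged VMs:", auditInventory(sampleInventory));
console.log("Safe row:   ", renderRowSafe(sampleInventory[1]));
```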
To remediate CVE-2020-3955, apply the following updates:
For ESXi 6.5 use ESXi650-201912104-SG
For ESXi 6.7 use ESXi670-202004103-SG
Fixed Version(s) and Release Notes:
VMware ESXi 6.7: ESXi670-202004103-SG
VMware ESXi 6.5: ESXi650-201912104-SG
Link to VMware advisory