TTCSIRT-345.08.28.20: TT-CSIRT ADVISORY -VMware ESXi, vCenter Server, and Cloud Foundation denial of services

TTCSIRT-345.08.28.20: TT-CSIRT ADVISORY -VMware ESXi, vCenter Server, and Cloud Foundation denial of services

A vulnerability was found in VMware ESXi and vCenter Server (Server Management Software) (the affected version is unknown).

It has been declared as problematic. This vulnerability affects some unknown functionality of the component Authentication Service.

The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404.

As an impact it is known to affect availability. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust memory resources.

Please visit the following link for further information and solution support:
https://www.vmware.com/security/advisories/VMSA-2020-0018.html

If you have any queries or comments with regards to this advisory, please feel free to contact TTCSIRT via contacts@ttcsirt.gov.tt