CVE-2020-3944

Name of the Vulnerable Software and Affected Versions vRealize Operations for Horizon Adapter versions 6.6.x prior to 6.6.1 vRealize Operations for Horizon Adapter versions 6.7.x prior to 6.7.1

Description The issue is related to an improper trust store configuration, leading to authentication bypass in vRealize Operations for Horizon Adapter. An unauthenticated remote attacker with network access to vRealize Operations, where the Horizon Adapter is running, may be able to bypass adapter authentication. This could allow a remote attacker to gain unauthorized access to protected information due to authentication errors.

Recommendations For versions 6.6.x prior to 6.6.1, update to version 6.6.1 or later to resolve the issue. For versions 6.7.x prior to 6.7.1, update to version 6.7.1 or later to resolve the issue.