Loading Posts...

VMware vCloud Director For Service Providers Remote Session Hijack Vulnerability

Dakota University has reported a Vulnerability about VMware vCloud Director for service providers recently about Remote Session Hijack vulnerability in the Tenant and Provider Portals. Previously, I published an article about Out-of-bounds Read/Write Security Vulnerabilities and you can find the post here.

The exploitation of this allows attacker to access Tenant or Provider portals by impersonating a currently logged in session.

CVE-2019-5523 has assigned to this vulnerability, and only affected the vCloud Director 9.5.x version. If you have the 9.5.x version running in your environment make sure to update the version to 9.5.0.3 which comes with the relevant patches.

Download Links:

Aruna Lakmal

Associate Technical Specialist at Pearson, Sri Lanka. Technology junky, enthusiast, a VMware vExpert and a blogger with more than 7 years of Experience in Information Technology more focusing on VMware Virtualization, Microsoft and Datacenter Technologies.

Get Updates Directly To Your Inbox!

   

Leave a Reply

Loading Posts...