Loading Posts...

VMware vCloud Director For Service Providers Remote Session Hijack Vulnerability

Dakota University has reported a Vulnerability about VMware vCloud Director for service providers recently about Remote Session Hijack vulnerability in the Tenant and Provider Portals. Previously, I published an article about Out-of-bounds Read/Write Security Vulnerabilities and you can find the post here.

The exploitation of this allows attacker to access Tenant or Provider portals by impersonating a currently logged in session.

CVE-2019-5523 has assigned to this vulnerability, and only affected the vCloud Director 9.5.x version. If you have the 9.5.x version running in your environment make sure to update the version to 9.5.0.3 which comes with the relevant patches.

Download Links:

Click to rate this post!
[Total: 1 Average: 5]

Aruna Fernando

"Sharing knowledge doesn't put your job at risk - iron sharpen iron" I heard this and it's true.

Get Updates Directly To Your Inbox!

   

Leave a Comment

Loading Posts...