Loading Posts...

VMware vCloud Director For Service Providers Remote Session Hijack Vulnerability

Dakota University has reported a Vulnerability about VMware vCloud Director for service providers recently about Remote Session Hijack vulnerability in the Tenant and Provider Portals. Previously, I published an article about Out-of-bounds Read/Write Security Vulnerabilities and you can find the post here.

The exploitation of this allows attacker to access Tenant or Provider portals by impersonating a currently logged in session.

CVE-2019-5523 has assigned to this vulnerability, and only affected the vCloud Director 9.5.x version. If you have the 9.5.x version running in your environment make sure to update the version to which comes with the relevant patches.

Download Links:

Click to rate this post!
[Total: 1 Average: 5]

Aruna Lakmal

Associate Technical Specialist, Sri Lanka. Technology junky, enthusiast, a VMware vExpert and a blogger with more than 8 years of Experience in Virtualization and Cloud Native technologies.

Get Updates Directly To Your Inbox!


Leave a Comment

Loading Posts...