Remote Session Hijack Vulnerability in VMware vCloud Director for Service Providers 9.5.x

Remote Session Hijack Vulnerability in VMware vCloud Director for Service Providers 9.5.x

CVE-2019-5523 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged in session.

Learn more about our Cloud Audit.