VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged in session.
CPE | Name | Operator | Version |
---|---|---|---|
vcloud_director | ge | 9.5.0.0 | |
vcloud_director | lt | 9.5.0.3 |