3 matches found
CVE-2016-2076
Client Integration Plugin CIP in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1 mishandles session content, which allows remote attackers to hijack sessions via a crafted web site...
CVE-2016-2076
CVE-2016-2076 affects VMware products including vCenter Server (5.5 U3a/U3b/U3c and 6.0 before U2), vCloud Director 5.5.5, and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1. The issue is improper handling of session content by the VMware Client Integration Plugin (CIP), enabling rem...
VMware Patches Critical Session Handling Vulnerability
VMware fixed a critical vulnerability in one of its products this week that if exploited by an attacker, could’ve led to a man-in-the-middle attack. According to an advisory, the problem existed in VMware’s Client Integration plugin, a collection of tools present in a handful of other products th...