2 matches found
CVE-2018-6959
CVE-2018-6959 affects VMware vRealize Automation (vRA) prior to 7.4.0, with a vulnerability in handling of session IDs that may allow hijacking a valid vRA user session. The Nessus/NVE and VMware advisory entries show affected versions up to 7.3.x (7.0.x–7.3.x) and indicate remediation via update...
CVE-2018-6958
Summary: CVE-2018-6958 affects VMware vRealize Automation (vRA) before 7.3.1, via a DOM-based XSS vulnerability that may lead to a compromised vRA user workstation. Affected versions: vRA 7.0.x, 7.1.x, 7.2.x, and 7.3.x before 7.3.1. Root cause: DOM-based XSS in the vRA interface. Impact: potentia...