CVE-2019-5523

Summary

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged in session.

Affected Software

VendorProductVersion RangeStatus
VMwareVMware vCloud Director for Service Providers (vCD)9.5.x before 9.5.0.3affected

Weaknesses

  • Remote Session Hijack vulnerability

ADP Enrichment

CVE Program Container

Additional References

References