VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged in session.
[
{
"product": "VMware vCloud Director for Service Providers (vCD)",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "9.5.x before 9.5.0.3"
}
]
}
]