VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure.
CPE | Name | Operator | Version |
---|---|---|---|
vrealize_automation | ge | 8.0 | |
vrealize_automation | lt | 8.6 | |
vrealize_orchestrator | ge | 8.0 | |
vrealize_orchestrator | lt | 8.6 |