VMware vRealize Automation Cross Site Scripting and Session Hijacking Vulnerabilities

Bugtraq ID: 103752
Class: Input Validation Error
CVE: CVE-2018-6958
CVE-2018-6959
Remote: Yes
Local: No
Published: Apr 12 2018 12:00AM
Updated: Apr 12 2018 12:00AM
Credit: Oliver Matula and Benjamin Schwendemann of ERNW Enno Rey Netzwerke GmbH
Vulnerable: VMWare vRealize Automation 7.2
VMWare vRealize Automation 7.3.0
VMWare vRealize Automation 7.1
VMWare vRealize Automation 7.0
Not Vulnerable: VMWare vRealize Automation 7.4
VMWare vRealize Automation 7.3.1


 

Privacy Statement
Copyright 2010, SecurityFocus