Vmware · Vcloud Director · CVE-2019-5523
**Name of the Vulnerable Software and Affected Versions**
VMware vCloud Director for Service Providers versions 9.5.x prior to 9.5.0.3
**Description**
The issue is related to incorrect session management in the vCloud Director platform, which may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged-in session. Successful exploitation of this issue can enable a remote attacker to hijack remote sessions.
**Recommendations**
For versions 9.5.x prior to 9.5.0.3, update to version 9.5.0.3 to resolve the issue.