If you’re running a server hosting VMware’s Service Provider portal, you will want to make sure all your software is up to date immediately. That’s because the virtualization giant recently put out an advisory for a remote hijacking bug.
“VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals,” VMware says. “Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged in session.”
To read the entire article, please click on https://www.theregister.co.uk/2019/04/01/security_roundup_290319/