Vulnerabilities > Vmware > Vcloud Director > 9.5.0.1

DATE CVE VULNERABILITY TITLE RISK
2020-05-20 CVE-2020-3956 Expression Language Injection vulnerability in VMWare Vcloud Director
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability.
network
low complexity
vmware CWE-917
8.8
8.8
2019-04-01 CVE-2019-5523 Session Fixation vulnerability in VMWare Vcloud Director 9.5.0.0/9.5.0.1/9.5.0.2
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals.
network
low complexity
vmware CWE-384
critical
 9.8
9.8