Cross-Site Request Forgery Vulnerability in VMware vCloud Director
CVE-2014-1211
Currently unrated
Summary
A Cross-Site Request Forgery (CSRF) vulnerability exists in VMware vCloud Director prior to version 5.1.3. This weakness allows a remote attacker to hijack the authentication of arbitrary users, potentially leading to unauthorized actions triggered by a logout request. By manipulating a logged-in user's session, an attacker could execute commands without the user's consent.
References
Timeline
Vulnerability published
Vulnerability Reserved