A high-risk vulnerability can be used by hackers to take full control of virtualized cloud infrastructure. If left unpatched, it can be easily exploited through customer trial accounts. The flaw can be exploited through the HTML5 and Flex-based user interfaces of Cloud Director, as well as its API Explorer interface and API access. The vulnerability is rated 8.8 (high) in the Common Vulnerabilities Scoring System (CVSS) and can lead to arbitrary remote code execution.”]