Bleeping Computer

VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left ...
Dark Reading

Critical Vulnerability in VMware vSphere Plug-in Allows Session Hijacking

VMware is urging network administrators to remove an out-of-date plug-in for its VSphere, which has two flaws — one of them critical — that can allow attackers with access to a Windows client system ...
Bleeping Computer

VMware vCenter Server bug disclosed last year still not patched

VMware informed customers today that vCenter Server 8.0 (the latest version) is still waiting for a patch to address a high-severity privilege escalation vulnerability disclosed in November 2021. This ...