From en.secnews.gr
VMware has finally released oneĀ informationĀ code for a high severity privilege escalation flaw in vCenter Server’s Integrated Windows Authentication (IWA) mechanism that was discovered eight months ago.
The vulnerability known as CVE-2021-22048, was discovered by Yaron Zinar and Sagi Sheinfeld of CrowdStrike and also affects hybrid platform deployments cloud of the VMware Cloud Foundation.