VMware: Fixes old bug in vCenter Server

From en.secnews.gr


VMware has finally released one information code for a high severity privilege escalation flaw in vCenter Server’s Integrated Windows Authentication (IWA) mechanism that was discovered eight months ago.

The vulnerability known as CVE-2021-22048, was discovered by Yaron Zinar and Sagi Sheinfeld of CrowdStrike and also affects hybrid platform deployments cloud of the VMware Cloud Foundation.

Read more…