According to Bleeping Computer, VMware is warning of a critical bug affecting all vCenter Server installs and the company is urging its customers to patch a critical remote code execution (RCE) vulnerability in the Virtual SAN Health Check plug-in that impacts all vCenter Server deployments.
“These updates fix a critical security vulnerability, and it needs to be considered at once,” said Bob Plankers, Technical Marketing Architect at VMware. “This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of whether you use vSAN or not.”