Top
image credit: Adobe Stock

High-severity VMware bug still not patched, almost one year later

October 12, 2022

Via: TechRadar

A high-severity vulnerability discovered almost a year ago in VMware vCenter Server 8.0 has not yet been patched(opens in new tab), the company has confirmed.

The flaw, tracked as CVE-2021-22048, is described as a privilege escalation vulnerability, and allows non-admin users to elevate their privileges on unpatched servers. It was discovered in November 2021 in vCenter Server’s Integrated Windows Authentication mechanism (IWA).

Read More on TechRadar