VMware has fixed multiple high-severity vulnerabilities affecting its cloud management platform (CMP), VMware Aria, which could allow attackers to steal sensitive credentials from the virtualization giant’s IT management and logging solutions.
Parent company Broadcom, in an advisory issued on Thursday, revealed that two out of five recently disclosed vulnerabilities are “high severity” information disclosure flaws impacting the VMware Aria Operations and VMware Aria operations for Logs components, respectively.
Continue reading on CSO
Source:: Network World