VMware has disclosed a critical vulnerability in its vCenter Server – and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software. The soon-to-be-acquired-by-Broadcom virtualization giant on Wednesday delivered news that its implementation of the Distributed Computing Environment/Remote Procedure Calls (DCERPC) protocol contains an out-of-bounds write vulnerability.
Source: The Register