VMware issued a security advisory Tuesday warning users to uninstall the VMware Enhanced Authentication Plug-in (EAP) due to critical and high severity vulnerabilities. The VMware EAP is a deprecated browser plugin that enables seamless single sign-on (SSO) to vSphere’s management interface from client workstations.
Source: SC Magazine