Vulnerability in vRealize Operations allows attackers to steal admin credentials after exploiting vulnerable servers. The vulnerability was discovered and reported to Positive Technologies by Positive Technologies web security researcher Egor Dimitrenko. The company has also published workaround instructions for admins who don’t want to or can’t immediately patch servers running vulnerable versions (e.g., there is no patch for their version) There are is no impact after applying the workaround measures and no functionality will be affected. The fix is available in the support articles linked below.
Source: https://www.bleepingcomputer.com/news/security/vmware-fixes-bug-allowing-attackers-to-steal-admin-credentials/