A critical information disclosure bug in Oracle s Java runtime environment (JRE) could allow information disclosure inside certain VMware environments. Affected products include Horizon View, vCenter Operations Manager, vSphere Replication, vCloud Automation Center 6.0.1, vRealize Automation 6.2.2 or 6.1.3. The update essentially installs the latest version of JRE into systems where the old version was affected by CVE-2014-6593. The newer JRE versions fix other bugs as well.
Source: https://threatpost.com/vmware-fixes-information-disclosure-vulnerability/112007/