Two critical vulnerabilities in IT operations management platform, vRealize Operations, could allow attackers to steal administrative credentials. If exploited, the successful exploit of these vulnerabilities could enable the theft of administrative credentials via remote access. The vulnerabilities were found by Positive Technologies and reported them to VMware. The platform is designed to offer self-driving IT operations for private, hybrid and multi-cloud environments in a unified platform powered by artificial intelligence. In February, the U.S. National Security Agency warned that Russian state-sponsored threat actors were attempting to exploit vulnerability in several of several products.”]
Source: https://www.cuinfosecurity.com/vmware-patches-2-flaws-in-vrealize-operations-a-16313