VMware has released security updates to address security vulnerability in the VMware vCenter Server, exploitation of this flaw could allow a malicious actor to gain access to sensitive information. Tracked as CVE-2022-22948, the security flaw (CVSS score of 5.5) is described as an information disclosure issue caused by improper file permissions. The flaw is fixed in vCenter Server versions 7.0 U3d, 6.7 U3p and 6.5 U3r.

VMware advises customers to apply updates.

More information on vulnerabilities and updates is available in VMware security advisory – VMSA-2022-0009.