VMware issued a security advisory Tuesday warning users to uninstall the VMware Enhanced Authentication Plug-in (EAP) due to critical and high severity vulnerabilities.
The VMware EAP is a deprecated browser plugin that enables seamless single sign-on (SSO) to vSphere’s management interface from client workstations. It is an optional feature that stopped receiving support with the release of VMware vCenter Server 7.0.0u2 in March 2021.
A critical vulnerability in the VMWare EAP, tracked as…