This article encloses two announced security vulnerabilities with vCenter server.
VMSA-2022-0018 – VMware vCenter Server updates address a server-side
request forgery vulnerability (CVE-2022-22982)
Please see the advisory and the required security patches here:
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)
VMSA-2021-0025.2 – VMware vCenter Server updates address a privilege
escalation vulnerability (CVE-2021-22048)
Please see the updated advisory here:
Added fixed version of vCenter Server 7.0 in the Response Matrix.