If you’re using vCAC, vCenter Operations, vRealize Orchestrator, vRealize Automation…you get the idea, then you probably want to be aware of a deserialization vulnerability announced recently by VMware.
Several different versions are affected, but there are patches available. The fix…obviously patch your stuff. This will likely require a restart of these services (at least the VMs running them). The deserialization vulnerabilty may mean that it’s hard to validate data, or there may be malformed logic. This could be manipulated by hackers to gain access and control of these pretty important services.
As different versions are affected, make sure you’re keeping up to date with your patches no matter how old or new your software is!