Loading...
Loading...
Known affected version(s) that were inferred because the vendor did not provide any: 8.0.3.00600
If your vCenter has both a federation provider and a legacy provider servicing the same domain, then logins by API, Virtual Appliance Management Interface (VAMI), or the vSphere Client in federation accounts by using username and password might be processed by the legacy provider, bypassing federation policies. For example, you can log in to vCenter with username and password by using PowerCLI even if federation rules do not permit such login. Such a bypass can also occur if you log in to vCenter by VAMI or the vSphere Client by selecting use local account but providing a federation account instead. This issue is resolved in this release. If you face the issue, but do not upgrade to vCenter 8.0 Update 3h, delete the legacy provider servicing the same domain by using the command line sso-config utility to stop user and group enumeration by API, such as PowerCLI Get-VIAccount .
https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-update-and-patch-release-notes/vsphere-vcenter-server-80u3h-release-notes.html
Click on a version to see all relevant bugs
VMware vCenter Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.