Hi,
I have a silly question. I'm pretty new and I'm learning about ESXis. Recently, I received a few CVE notices, it often talks about "A malicious actor with local access" or "A malicious actor with local administrative privileges".
Does this mean the user needs to connect directly with the console or does it mean that as long as they can somehow remote using either the UI, SSH it's vulnerable?
Where exactly did you receive the notices?
We have a RSS feed that tells us the latest CVE from VMWare.
Here is an example of one: