Just an FYI, we had a 3rd party do a vulnerability test and discovered Rapid7 isn’t detecting several VMware tools vulnerabilities for windows devices. Support just confirmed this but doesn’t seem in much of a hurry to resolve.
Example: CVE-2023-20900 which is a 7.1 and likely several other CVEs
6 Likes
+1 on this, I also find it crazy that VMware tools isn’t detected and also raised previously with support. Considering where this sits in the datacentre, I’m surprised they aren’t bothered about it too.