VMware Security Advisory - VMware VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and 1.4.x before 1.4.1 Patch 1 (Build 33425), does not verify the server's X.509 certificate when creating an SSL session, which allows remote malicious servers to spoof valid servers via a man-in-the-middle attack.
dd8749ced22df23e5f0ba37882456145b8a99e2becc1c7456cdf60ab18621215