We were made aware of a potential security issue with vCenter Server v6.7. Please note, this only affects vCenter Server installations that were upgraded from 6.0 to 6.7, or from 6.5 to 6.7. This does NOT affect ESXi host servers.
Our normal recommendation is that a fresh vCenter Server Appliance be deployed instead of upgrading. If you upgraded an existing vCenter Server v6.0 or v6.5, to v6.7, you will want to apply the patch (6.7u3f) issued on 4/16/2020.
For additional details, see the VMware security advisory at the link below:
https://www.vmware.com/security/advisories/VMSA-2020-0006.html