VMware Xenon 1.x, prior to 1.5.4-CR71, 1.5.77, 1.5.4-CR62, 1.3.7-CR12, 1.1.0-CR0-3, 1.1.0-CR31,1.4.2-CR41, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints. Successful exploitation of this issue may result in information disclosure.