No fix KrbRelay VMware style

ID: e2055396-8413-5041-976f-59200c3ba5ac

STIX ID: report--e2055396-8413-5041-976f-59200c3ba5ac

Feed Name: Pen Test Partners Blog

Date Published: 2024-02-21

Date Updated: 2026-03-24

Author: Ceri Coburn

This report discloses two critical issues in VMware’s Enhanced Authentication Plugin for vSphere: CVE-2024-22245, enabling Kerberos relay via a browser-exposed plugin/WebSocket interface that a malicious website can abuse to request arbitrary service tickets; and CVE-2024-22250, allowing local session hijacking by reading session IDs from world-readable logs to obtain Kerberos tickets for other users. These flaws can be used to authenticate to AD-integrated services, including Azure Seamless SSO, without on-premises line-of-sight. VMware will not patch the deprecated plugin despite vSphere 7 support continuing until 2025; the recommended mitigation is to uninstall the plugin from all endpoints.
