3 matches found
Critical Auth Bypass Bug Found in VMware Data Center Security Product
A critical vulnerability in the VMware Carbon Black Cloud Workload appliance could be exploited to bypass authentication and take control of vulnerable systems. Tracked as CVE-2021-21982, the flaw is rated 9.1 out of a maximum of 10 in the CVSS scoring system and affects all versions of the produ...
CVE-2021-21982
Summary: CVE-2021-21982 affects the VMware Carbon Black Cloud Workload appliance (versions 1.0.0 and 1.0.1) and is an authentication bypass vulnerability. A malicious actor with network access to the appliance’s administrative interface can obtain a valid authentication token and, as a result, vi...
VMware Carbon Black Cloud Workload appliance update addresses incorrect URL handling vulnerability (CVE-2021-21982)
3. Advisory Details A URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance can be manipulated to bypass authentication. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1...