Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2021/07/23 12:0 a.m.30 views

VMware Carbon Black App Control 8.0.x / 8.1.x / 8.5.x < 8.5.8 / 8.6.x < 8.6.2 Authentication Bypass (VMSA-2021-0012)

An authentication bypass vulnerability exists in the VMware Carbon Black App Control management server. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary actions with administrative privileges. Note that Nessus has not tested for this issue but ha...

9.8CVSS9.1AI score0.10619EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/06/24 3:31 p.m.255 views

Critical VMware Carbon Black Bug Allows Auth Bypass

VMware has fixed an uber-severe bug in its Carbon Black App Control AppC management server: A server whose job is to lock down critical systems and servers so they don’t get changed willy-nilly. AppC also ensures that organizations stay in continuous compliance with regulatory mandates. This is a...

9.8CVSS7.4AI score0.10619EPSS
Exploits0References13
The Hacker News
The Hacker News
added 2021/06/24 8:0 a.m.87 views

Critical Auth Bypass Bug Affects VMware Carbon Black App Control

VMware has rolled out security updates to resolve a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems. The vulnerability, identified as CVE-2021-21998, is rated 9.4 out of 10 in severity by the industry-standar...

9.8CVSS1.1AI score0.10619EPSS
Exploits0
NVD
NVD
added 2021/06/23 12:15 p.m.22 views

CVE-2021-21998

VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to...

9.8CVSS0.10619EPSS
Exploits0References1
CVE
CVE
added 2021/06/23 11:10 a.m.81 views

CVE-2021-21998

CVE-2021-21998 affects VMware Carbon Black App Control on versions 8.0, 8.1, 8.5 before 8.5.8, and 8.6 before 8.6.2. The issue is an authentication bypass that could let a network-accessible attacker obtain administrative access without authentication. Relevant sources note fixes: App Control 8.5...

9.8CVSS9.4AI score0.10619EPSS
Exploits0References1Affected Software1
VMware
VMware
added 2021/06/22 12:0 a.m.39 views

VMware Carbon Black App Control update addresses authentication bypass (CVE-2021-21998)

3. VMware Carbon Black App Control updates address authentication bypass CVE-2021-21998 The VMware Carbon Black App Control management server has an authentication bypass. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.4...

7.5CVSS9.7AI score0.10619EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder