Vulnerabilities

VMware Patches Critical Flaw in Carbon Black Cloud Workload

Issued by: Security Week

Source
Advertisement


Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface for the appliance and exists because attackers could bypass authentication through manipulation of a URL on the interface.

“A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance may be able to obtain a valid authentication token, granting access to the administration API of the appliance,” VMware notes in an advisory.

Read more
You might also like
Vulnerabilities

For recent big data software vulnerabilities, botnets and coin mining are just the beginning

Vulnerabilities

U.S. Agencies Warn of APTs Exploiting Recent ADSelfService Plus Zero-Day

Vulnerabilities

Insider threats are security’s new reality: Prevention solutions aren’t working

Vulnerabilities

Patch now! Microsoft Exchange is being attacked via ProxyShell

Advertisement