Critical Auth Bypass Bug Impacts VMware Carbon Black App Control

VMware has released security updates to address a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems.

The vulnerability, identified as CVE-2021-21998, is rated 9.4 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and affects App Control (AppC) versions 8.0.x, 8.1.x, 8.5.x, and 8.6.x.

Carbon Black App Control is a security solution designed to lock down critical systems and servers to prevent unauthorized changes in the face of cyber-attacks and ensure compliance with regulatory mandates such as PCI-DSS, HIPAA, GDPR, SOX, FISMA, and NERC.


"A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate," the California-based cloud computing and virtualization technology company said in an advisory.

CVE-2021-21998 is the second time VMware is addressing an authentication bypass issue in its Carbon Black endpoint security software. Earlier this April, the company fixed an incorrect URL handling vulnerability in the Carbon Black Cloud Workload appliance (CVE-2021-21982) that could be exploited to gain access to the administration API.

That's not all. VMware also patched a local privilege escalation bug affecting VMware Tools for Windows, VMware Remote Console for Windows (VMRC for Windows), and VMware App Volumes (CVE-2021-21999, CVSS score: 7.8) that could allow a bad actor to execute arbitrary code on affected systems.


"An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as 'openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges," VMware noted.

VMware credited Zeeshan Shaikh (@bugzzzhunter) from NotSoSecure and Hou JingYi (@hjy79425575) of Qihoo 360 for reporting the flaw.
