Critical Vulnerability in VMware’s Carbon Black App Control
There’s a vulnerability in VMware’s Carbon Black App Control management server. Rated 9.4 on the CVSS scale, the severe flaw could grant threat actors admin rights without any authentication.
This condition could then give attackers access to various systems.
CVE-2021-21998
According to MITRE’s advisory, the vulnerability has been given the CVE-2021-21998 identifier. Its official description is the following:
VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate.
In other words, the vulnerability is a severe authentication bypass that could enable attackers to access the server and get admin rights, with no authentication needed.
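The advisory above lists affected versions as ranges (8.0 and 8.1 in full, 8.5 prior to 8.5.8, 8.6 prior to 8.6.2), which is easy to misread when triaging an inventory by hand. The following is an added example, not code from VMware or from this article: it encodes those stated ranges and classifies each management server's reported version as affected, fixed, or not named in the advisory. The version strings and hostnames are constructed sample data; how you collect the real version from a server is an assumption left to the reader.

```python
from typing import Dict, Optional, Tuple

# Affected ranges exactly as stated in the CVE-2021-21998 description:
#   8.0 and 8.1 (no fixed release listed), 8.5 prior to 8.5.8, 8.6 prior to 8.6.2.
# Key: (major, minor) branch; value: first fixed patch level in that branch,
# or None when the advisory lists the whole branch as affected.
AFFECTED_BRANCHES: Dict[Tuple[int, int], Optional[int]] = {
    (8, 0): None,
    (8, 1): None,
    (8, 5): 8,
    (8, 6): 2,
}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'major.minor[.patch[.build]]' into (major, minor, patch).

    Rejects anything that is not purely numeric dotted notation so a bad
    inventory entry fails loudly instead of being silently classified.
    """
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def is_affected(version_text: str) -> Optional[bool]:
    """True if the version falls in a stated affected range, False if it is
    at or past the fixed release, None if the branch is not named in the
    advisory (e.g. a later major/minor the text does not mention)."""
    major, minor, patch = parse_version(version_text)
    branch = (major, minor)
    if branch not in AFFECTED_BRANCHES:
        return None
    first_fixed = AFFECTED_BRANCHES[branch]
    if first_fixed is None:
        return True          # whole branch listed as affected
    return patch < first_fixed


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> 'affected' / 'fixed' / 'not-listed' for an inventory of
    App Control management servers and their reported versions."""
    labels = {True: "affected", False: "fixed", None: "not-listed"}
    return {host: labels[is_affected(ver)] for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "appctl-prod-01.example.internal": "8.5.7",
    "appctl-prod-02.example.internal": "8.5.8",
    "appctl-dr-01.example.internal": "8.6.1",
    "appctl-lab-01.example.internal": "8.1.3",
    "appctl-lab-02.example.internal": "8.7.0",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:36} {SAMPLE_INVENTORY[host]:8} {status}")
```

Anything that comes back as `affected` needs the vendor fix; `not-listed` means the branch is outside what the advisory text names and should be checked against the vendor's current guidance rather than assumed safe.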
Fortunately, the serious VMware issue already has a patch available.
Last month, VMware fixed another critical flaw in vCenter. That vulnerability was rated with a CVSS score of 9.8 out of 10, and it could enable a malicious actor to execute arbitrary code on a targeted server. The bug, caused by a lack of input validation in the Virtual SAN (vSAN) Health Check plug-in, which is enabled by default in vCenter Server.