On April 1st, 2021, VMware released an advisory and update to address an authentication bypass vulnerability in Carbon Black Cloud, rated 9.1 out of 10 for severity on the CVSSv3 scale. The issue allows an adversary with access to the administrative interface of the VMware Carbon Black Workload appliance to bypass authentication. According to VMware, “A URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance can be manipulated to bypass authentication.” What is particularly troubling is that this vulnerability was announced along with CVE-2021-21975 and a report by Positive Technologies making the case for exploitation via the VMware vROps API to obtain “access to the application with maximum privileges, which allows changing the application configuration and intercepting any data within the app.”