
Critical Flaw With VMware Carbon Black App Control Let Attackers Bypass Authentication


May 26, 2026 · 2 min read

A critical authentication bypass flaw in VMware Carbon Black App Control lets attackers obtain administrative access without any authentication. The vulnerability is tracked as CVE-2021-21998 and has a maximum CVSSv3 base score of 9.4.

Carbon Black App Control is a tool designed to harden new systems, protect legacy systems from unwanted changes, and ensure compliance with key frameworks (PCI-DSS, HIPAA, GDPR, SOX, FISMA, and NERC).

This is the second time VMware has addressed a vulnerability in Carbon Black App Control; earlier, in April, an incorrect URL handling vulnerability (CVE-2021-21982) was fixed.

According to the VMware advisory, “a malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate.”

Products Affected

  • AppC 8.6.x
  • AppC 8.5.x
  • AppC 8.1.x, 8.0.x

Fixed Version

  • AppC 8.6.2
  • AppC 8.5.8
  • AppC 8.1.x, 8.0.x (Hotfix available)

VMware Tools for Windows (CVE-2021-21999)

A local privilege escalation vulnerability affects VMware Tools for Windows, VMware Remote Console for Windows (VMRC for Windows), and VMware App Volumes.

An attacker with normal access can exploit the vulnerability by placing a malicious file renamed as `openssl.cnf` in an unrestricted directory, which would allow code to be executed with elevated privileges, according to the advisory.
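For defenders, the condition described above comes down to a directory ACL that lets standard users create files. The following PowerShell audit is an added example, not taken from the VMware advisory or this article: the function name `Get-WeakDirectoryAce` is hypothetical and the path is a placeholder, because the article does not name the directory. It also covers the case where the directory does not exist yet by checking the nearest existing ancestor.

```powershell
# Added example: list ACL entries that let non-administrative principals
# create files or subfolders in a directory a privileged process reads from.
function Get-WeakDirectoryAce {
    param([Parameter(Mandatory)][string]$Path)

    # A missing directory is as exposed as its nearest existing ancestor:
    # whoever may create subfolders there can create the rest of the path.
    $target = $Path
    while ($target -and -not (Test-Path -LiteralPath $target -PathType Container)) {
        $target = Split-Path -Path $target -Parent
    }
    if (-not $target) { throw "No existing ancestor for '$Path'" }

    # Well-known SIDs: SYSTEM, Administrators, TrustedInstaller.
    $trusted = @(
        'S-1-5-18',
        'S-1-5-32-544',
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
    )
    $rights      = [System.Security.AccessControl.FileSystemRights]
    $plantMask   = [int]($rights::CreateFiles -bor $rights::CreateDirectories)
    $inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
    $sidType     = [System.Security.Principal.SecurityIdentifier]

    # Resolve identities to SIDs so the check does not depend on OS language.
    (Get-Acl -LiteralPath $target).GetAccessRules($true, $true, $sidType) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $trusted -notcontains $_.IdentityReference.Value -and
            # Inherit-only entries do not apply to this directory itself.
            -not ([int]$_.PropagationFlags -band $inheritOnly) -and
            ([int]$_.FileSystemRights -band $plantMask)
        } |
        ForEach-Object {
            [pscustomobject]@{
                CheckedPath = $target
                PathExists  = ($target -eq $Path)
                Sid         = $_.IdentityReference.Value
                Rights      = $_.FileSystemRights
            }
        }
}

# Placeholder path: substitute the directory your installed build reads openssl.cnf from.
Get-WeakDirectoryAce -Path 'C:\placeholder\openssl-config-dir'
```

Any row returned means a principal outside the trusted list can place files at or above the checked location; an empty result means only the listed administrative identities can.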


Source: CybersecurityNews.com
