First published: Thu Apr 01 2021
VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.0.1 have an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the appliance to obtain a valid authentication token. Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings.
Credit: security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
VMware Carbon Black Cloud | <=1.0.1 | |
Linux Kernel | | |
CVE-2021-21982 is considered a critical vulnerability with a high potential for exploitation due to authentication bypass.
To mitigate CVE-2021-21982, upgrade your VMware Carbon Black Cloud Workload appliance to version 1.0.2 or later.
CVE-2021-21982 affects VMware Carbon Black Cloud Workload appliance versions 1.0.0 and 1.0.1.
Organizations using VMware Carbon Black Cloud Workload appliance versions 1.0.0 and 1.0.1 are at risk of CVE-2021-21982.
CVE-2021-21982 is an authentication bypass vulnerability that allows unauthorized access to the administrative interface.