Critical Auth Bypass Bug Found in VMware Data Centre Security Product

April 13, 2021

A critical vulnerability in the VMware Carbon Black Cloud Workload appliance could be exploited to bypass authentication and take control of vulnerable systems. The flaw is rated 9.1 out of a maximum of 10 in the CVSS scoring system and affects all versions of the product prior to 1.0.1. Carbon Black Cloud Workload is a data centre security product from VMware that aims to protect critical servers and workloads hosted on vSphere, the company’s cloud-computing virtualization platform. The VMware Carbon Black Cloud Workload platform is designed to provide cybersecurity defence for virtual servers and workloads that are hosted on the VMware’s vSphere platform. vSphere is VMware’s cloud-computing virtualization platform.

Affected CVE-2021-21982

How does the exploitation work?

A malicious actor can then view and alter administrative configuration settings, the company added.
Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings.
URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance can be manipulated to bypass authentication.
A remote attacker could exploit this vulnerability to take control of an affected system.
The security hole is only the latest critical problem that VMware has addressed.
In February for instance, VMware patched three vulnerabilities in its virtual-machine infrastructure for data centers, including a remote code execution (RCE) flaw in its vCenter Server management platform.
The vulnerability could allow attackers to breach the external perimeter of an enterprise data center or leverage backdoors already installed on a system, to find other vulnerable points of network entry to take over affected systems.

Remediations:

Companies are urged to update to the latest version, version 1.0.2, of the VMware Carbon Black Cloud Workload appliance, which contains a fix.

Users should also limit access to the local administrative interface of the appliance to only those that need it, VMware recommended.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Critical Auth Bypass Bug Found in VMware Data Centre Security Product

Affected CVE-2021-21982

How does the exploitation work?

Remediations:

Security Team

Related Posts

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

Our Offices

Corporate Office (HO):

UK Office:

Registered Office (Delhi):

Noida Office:

Phone:

Email

Click To Download

Download CyberSRC Services & Portfolio & Datasheets

Download Case Studies

Download Company Brochure