Published: 01/04/2021 Updated: 06/04/2021
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

VMware Carbon Black Cloud Workload appliance could allow a remote malicious user to bypass security restrictions, caused by the manipulation of a URL on the administrative interface. An attacker could exploit this vulnerability to bypass the authentication process.

Vulnerable Product

vmware carbon_black_cloud_workload

Recent Articles

Critical Cloud Bug in VMWare Carbon Black Allows Takeover
Threatpost • Tara Seals • 06 Apr 2021

A critical security vulnerability in the VMware Carbon Black Cloud Workload appliance would allow privilege escalation and the ability to take over the administrative rights for the solution.
The bug (CVE-2021-21982) ranks 9.1 out of 10 on the CVSS vulnerability-severity scale.
The VMware Carbon Black Cloud Workload platform is designed to provide cybersecurity defense for virtual servers and workloads that are hosted on VMware’s vSphere platform. vSphere is VMware’s cloud-co...

VMware fixes authentication bypass in data center security software
BleepingComputer • Sergiu Gatlan • 01 Apr 2021

VMware has addressed a critical vulnerability in the VMware Carbon Black Cloud Workload appliance that could allow attackers to bypass authentication after exploiting vulnerable servers.
VMware Carbon Black Cloud Workload is a Linux data center security software designed to protect workloads running in virtualized environments.
It also bundles endpoint protection capabilities, including endpoint detection and response (EDR), next-gen antivirus, and real-time threat hunting.