Critical Cloud Bug in VMWare Carbon Black Allows Takeover

2021-04-06 20:55

A critical security vulnerability in the VMware Carbon Black Cloud Workload appliance would allow privilege escalation and the ability to take over the administrative rights for the solution.

The VMware Carbon Black Cloud Workload platform is designed to provide cybersecurity defense for virtual servers and workloads that are hosted on the VMware's vSphere platform.

"A URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance can be manipulated to bypass authentication," the company noted.

Companies are urged to update to the latest version, version 1.0.2, of the VMware Carbon Black Cloud Workload appliance, which contains a fix.

The security hole is only the latest critical problem that VMware has addressed.

In February for instance, VMware patched three vulnerabilities in its virtual-machine infrastructure for data centers, including a remote code execution flaw in its vCenter Server management platform.

News URL

https://threatpost.com/critical-cloud-bug-vmware-carbon-black/165278/

#carbonblack #cloud #critical #takeover #vmware

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Vmware		186	84	404	199	101	788

News URL

Related news

Related vendor