Security News > 2021 > June > VMware fixes authentication bypass in Carbon Black App Control
VMware Carbon Black App Control has been updated this week to fix a critical-severity vulnerability that allows access to the server without authentication.
Carbon Black App Control is designed for corporate environments, to harden the security of systems both old and new, and protect them against unauthorized modifications, such as those generated by malware or zero-day exploits.
Tracked as CVE-2021-21998, the vulnerability is an authentication bypass affecting VMware Carbon Black App Control versions 8.0, 8.1, 8.5 before 8.5.8, and 8.6 before 8.6.2.
Threat actors with access to the AppC management server could exploit the bug to gain administrative privileges without the need to authenticate, informs the security advisory from VMware.
Apart from fixing CVE-2021-21998, VMware also patched a local privilege escalation bug affecting VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes.
"An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges," - VMware.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-23 | CVE-2021-21998 | Improper Authentication vulnerability in VMWare Carbon Black APP Control VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. | 9.8 |