Critical Auth Bypass Bug Found in VMWare Data Centre Security Product

Nested Applications

Asset Publisher

News

As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets.

Microsoft on Tuesday released another round of security updates for Windows operating system and other supported software, squashing 50 vulnerabilities, including six zero-days that are said to be under active attack.

A combination of poorly configured networks and new rules on internet domain names are giving cybercriminals a new and easy way to attack entire organizations

Fancy Product Designer, a WordPress plugin installed on over 17,000 sites, has been discovered to contain a critical file upload vulnerability that's being actively exploited in the wild to upload malware onto sites that have the plugin installed.

VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server.

We are a member of First

We are a member of First

 

 

contactpic

 

 

Most Viewed Assets

null Critical Auth Bypass Bug Found in VMWare Data Centre Security Product

A critical vulnerability in the VMware Carbon Black Cloud Workload appliance could be exploited to bypass authentication and take control of vulnerable systems.

 

Tracked as CVE-2021-21982, the flaw is rated 9.1 out of a maximum of 10 in the CVSS scoring system and affects all versions of the product prior to 1.0.1.

 

Carbon Black Cloud Workload is a data center security product from VMware that aims to protect critical servers and workloads hosted on vSphere, the company's cloud-computing virtualization platform.

 

"A URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance can be manipulated to bypass authentication," VMware said in its advisory, thereby allowing an adversary with network access to the interface to gain access to the administration API of the appliance.

 

Armed with the access, a malicious actor can then view and alter administrative configuration settings.

 

In addition to releasing a fix for CVE-2021-21982, VMware has also addressed two separate bugs in its vRealize Operations Manager solution that an attacker could exploit with network access to the API to carry out Server Side Request Forgery (SSRF) attacks to steal administrative credentials (CVE-2021-21975) and write files to arbitrary locations on the underlying photon operating system (CVE-2021-21983).

 

The product is primarily designed to monitor and optimize the performance of the virtual infrastructure and support features such as workload balancing, troubleshooting, and compliance management.

 

"The main risk is that administrator privileges allow attackers to exploit the second vulnerability—CVE-2021-21983 (an arbitrary file write flaw, scored 7.2), which allows executing any commands on the server". "The combination of two security flaws makes the situation even more dangerous, as it allows an unauthorized attacker to obtain control over the server and move laterally within the infrastructure."

 

VMware has released patches for vRealize Operations Manager versions 7.0.0, 7.5.0, 8.0.1, 8.1.1, 8.2.0 and 8.3.0. The company has also published workarounds to mitigate the risks associated with the flaws in scenarios where the patch cannot be installed or is not available.

Nested Applications

Contact Us

Free Call[OH]: 933

Phone Number: +251-993939270

                            +251-993531965

                            +251-944-33-68-02

E-mail: ethiocert@insa.gov.et

P.O.Box: 124498

Asset Publisher

tools

Nested Applications

Asset Publisher

values

Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving