Vulnerability Description
VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Carbon Black Cloud Workload | <= 1.0.1 |
| Linux | Linux Kernel | - |
Related Weaknesses (CWE)
References
- https://www.vmware.com/security/advisories/VMSA-2021-0005.htmlPatchVendor Advisory
- https://www.vmware.com/security/advisories/VMSA-2021-0005.htmlPatchVendor Advisory
FAQ
What is CVE-2021-21982?
CVE-2021-21982 is a vulnerability with a CVSS score of 9.1 (CRITICAL). VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMwar...
How severe is CVE-2021-21982?
CVE-2021-21982 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-21982?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Carbon Black Cloud Workload, Linux Linux Kernel.