Rewterz

Rewterz Threat Advisory – CVE-2021-20491 – IBM Spectrum Protect Server Vulnerability

April 19, 2021
Rewterz

Rewterz Threat Advisory – CVE-2021-29443 – Node.js jose Module Vulnerability

April 19, 2021

Rewterz Threat Advisory – CVE-2021-21981 – VMware NSX-T Vulnerability

Severity

Medium

Analysis Summary

CVE-2021-21981

VMware NSX-T allows an attacker with a local guest user account to assign privileges higher than their own permission level. The attacker can exploit the RBAC (Role-based access control) role assignment to gain privilege escalation. The vulnerability is exploited through a local guest user account and is not activated by default.

Impact

Privilege Escalation

Affected Vendors

VMware

Affected Products

VMware NSX-T

Remediation

Patches to remedy this vulnerability are available at

https://kb.vmware.com/s/article/83047

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.