Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
June 28, 2021Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
June 28, 2021Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
June 28, 2021Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
June 28, 2021Severity
High
Analysis Summary
CVE-2021-21998
VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate.
Impact
- Bypass Security
- Gain Privileges
Affected Vendors
VMware
Affected Products
- VMware Carbon Black App Control (AppC)
Remediation
Refer to VMware Security Advisory VMSA-2021-0012 for the patch, upgrade, or suggested workaround information.
https://www.vmware.com/security/advisories/VMSA-2021-0012.html