all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Vulnerability in VMware Carbon Black App Control Could Allow for Authentication Bypass

Add to bookmarks
Jan. 7, 2022, 10:37 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in VMware Carbon Black App Control, which could result in an authentication bypass. VMware Carbon Black App Control is a application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates. An attacker with access to the AppC management server could bypass authentication and gain unauthorized access which could then allow the attacker to perform actions as an administrator.

app authentication authentication bypass bypass carbon carbon black control vmware vulnerability

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Oracle Quarterly Critical Patches Issued April 16, 2024 5 days, 10 hours ago | www.cisecurity.org
april code code execution critical +7
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 5 days, 13 hours ago | www.cisecurity.org
authentication avalanche code code execution +23
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 5 days, 18 hours ago | www.cisecurity.org
attacker chrome code code execution +9
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 6 days, 15 hours ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 1 week, 3 days ago | www.cisecurity.org
alto arbitrary code arbitrary code execution code +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 5 days ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 1 week, 6 days ago | www.cisecurity.org
adobe adobe after effects adobe commerce after effects +14
Critical Patches Issued for Microsoft Products, April 09, 2024 1 week, 6 days ago | www.cisecurity.org
accounts april attacker change +14
A Vulnerability in Broadcom Brocade Fabric OS Could Allow for Arbitrary Code Execution 2 weeks, 3 days ago | www.cisecurity.org
arbitrary code arbitrary code execution area broadcom +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

L2-Network Security Administrator

@ Kyndryl | KIN51515 Mumbai (KIN51515) We Work
View on infosec-jobs.com

Head of Cybersecurity Advisory and Architecture

@ CMA CGM | Marseille, FR
View on infosec-jobs.com

Systems Engineers/Cyber Security Engineers/Information Systems Security Engineer

@ KDA Consulting Inc | Herndon, Virginia, United States
View on infosec-jobs.com

R&D DevSecOps Staff Software Development Engineer 1

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com
View more jobs