Web: https://www.cisecurity.org/advisory/a-vulnerability-in-vmware-carbon-black-app-control-could-allow-for-authentication-bypass_2021-083

Jan. 7, 2022, 10:37 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center cisecurity.org

A vulnerability has been discovered in VMware Carbon Black App Control, which could result in an authentication bypass. VMware Carbon Black App Control is a application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates. An attacker with access to the AppC management server could bypass authentication and gain unauthorized access which could then allow the attacker to perform actions as an administrator.

app authentication authentication bypass black bypass carbon carbon black control vmware vulnerability

More from cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Head of Information Security

@ Canny | Remote

Information Technology Specialist (INFOSEC)

@ U.S. Securities & Exchange Commission | Washington, D.C.

Information Security Manager - $90K-$180K - MANAG002176

@ Sound Transit | Seattle, WA

Sr. Software Security Architect

@ SAS | Remote

Senior Incident Responder

@ CipherTechs, Inc. | Remote

Data Security DevOps Engineer Senior/Intermediate

@ University of Michigan - ITS | Ann Arbor, MI