{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2021-030.pdf"
    },
    "title": "Critical Vulnerability in Vmware Product",
    "serial_number": "2021-030",
    "publish_date": "24-06-2021 12:00:00",
    "description": "On 22nd of June 2021, VmWare released an advisory to address an authentication bypass vulnerability in VMware Carbon Black App Control (AppC). Severity of this vulnerability is critical with a CVSSv3.1 Base Score: 9.4.",
    "url_title": "2021-030",
    "content_markdown": "---\ntitle: 'Critical Vulnerability in\u00a0Vmware\u00a0Product'\nversion: '1.0'\nnumber: '2021-030'\ndate: 'June 24, 2021'\n---\n\n_History:_\n\n* _24/06/2021 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn 22nd of June 2021, VmWare released an advisory to address an authentication bypass vulnerability in VMware Carbon Black App Control (AppC). Severity of this vulnerability is **critical** with a CVSSv3.1 Base Score: 9.4 [1].\n\n# Technical Details\n\nThe VMware Carbon Black App Control management server has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate [1].\n\nThe vulnerability is identified as CVE-2021-21998 [2].\n\n# Products Affected\n\nVMware Carbon Black App Control (AppC) versions [1]:\n\n- 8.6.x (fixed in 8.6.2),\n- 8.5.x (fixed in 8.5.8),\n- 8.1.x, 8.0.x (fixed only through a Hotfix)\n\n# Recommendations\n\nCERT-EU recommends updating the vulnerable application as soon as possible using the patches listed in [1].\n\n## Workarounds and Mitigations\n\nThere are no workarounds announced for this vulnerability.\n\n# References\n\n[1] <https://www.vmware.com/security/advisories/VMSA-2021-0012.html>\n\n[2] <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21998>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>24/06/2021 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On 22nd of June 2021, VmWare released an advisory to address an authentication bypass vulnerability in VMware Carbon Black App Control (AppC). Severity of this vulnerability is <strong>critical</strong> with a CVSSv3.1 Base Score: 9.4 [1].</p><h2 id=\"technical-details\">Technical Details</h2><p>The VMware Carbon Black App Control management server has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate [1].</p><p>The vulnerability is identified as CVE-2021-21998 [2].</p><h2 id=\"products-affected\">Products Affected</h2><p>VMware Carbon Black App Control (AppC) versions [1]:</p><ul><li>8.6.x (fixed in 8.6.2),</li><li>8.5.x (fixed in 8.5.8),</li><li>8.1.x, 8.0.x (fixed only through a Hotfix)</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends updating the vulnerable application as soon as possible using the patches listed in [1].</p><h3 id=\"workarounds-and-mitigations\">Workarounds and Mitigations</h3><p>There are no workarounds announced for this vulnerability.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.vmware.com/security/advisories/VMSA-2021-0012.html\">https://www.vmware.com/security/advisories/VMSA-2021-0012.html</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21998\">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21998</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}