VMware issued an advisory informing users about a critical bug that exists in all versions of its VMware Carbon Black Cloud Workload product before 1.0.1 and could be exploited by attackers to evade authentication and take over the system, The Hacker News reports.
Tracked as CVE-2021-21982 and having a 9.1 rating under the CVSS scoring system, the vulnerability involves a URL on the VMware Carbon Black Cloud Workload appliance’s administrative interface that can be “manipulated to bypass authentication” and grant a threat actor access to the appliance’s administration API, and from there view and modify administrative configuration settings, VMware said in its release.
VMware has released a fix for the vulnerability as well as for two unrelated flaws in its vRealize Operations Manager software, CVE-2021-21975 and CVE-2021-21983, which attackers could use to perform Server Side Request Forgery attacks to steal administrator credentials and insert files into the underlying photon operating system, the company said.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
Organizations could have their sensitive information compromised through a high-severity vulnerability in Google Cloud, Azure, and Amazon Web Services command line interface tools dubbed "LeakyCLI", The Hacker News reports.
Attacks by the Muddled Libra threat operation — also known as UNC3944, Scattered Spider, Scatter Swine, and Starfraud — have been redirected at cloud service providers and software-as-a-service apps as part of efforts to bolster its data extortion efforts, reports The Hacker News.