VMware issued an advisory informing users about a critical bug that exists in all versions of its VMware Carbon Black Cloud Workload product before 1.0.1 and could be exploited by attackers to evade authentication and take over the system, The Hacker News reports.
Tracked as CVE-2021-21982 and having a 9.1 rating under the CVSS scoring system, the vulnerability involves a URL on the VMware Carbon Black Cloud Workload appliance’s administrative interface that can be “manipulated to bypass authentication” and grant a threat actor access to the appliance’s administration API, and from there view and modify administrative configuration settings, VMware said in its release.
VMware has released a fix for the vulnerability as well as for two unrelated flaws in its vRealize Operations Manager software, CVE-2021-21975 and CVE-2021-21983, which attackers could use to perform Server Side Request Forgery attacks to steal administrator credentials and insert files into the underlying photon operating system, the company said.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
Major file hosting service Dropbox had information from users of Dropbox Sign, previously known as HelloSign, compromised following a cyberattack against the e-signature service provider late last month, reports The Record, a news site by cybersecurity firm Recorded Future.
Security Affairs reports that attacks with the novel Cuttlefish malware have been deployed against enterprise-grade small office/home office routers between October 2023 and April 2024 to facilitate the exfiltration of public cloud authentication information.