Описание
VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
Связанные уязвимости
VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings.
Уязвимость интерфейса администрирования облачной платформы обеспечения безопасности VMware Carbon Black Cloud Workload, позволяющая нарушителю повысить свои привилегии
EPSS
9.1 Critical
CVSS3
6.4 Medium
CVSS2