VMware fixed vulnerabilities in Carbon Black Cloud Workload and vROps

VMware has patched several major vulnerabilities in the Carbon Black Cloud Workload and VMware vRealize Operations (vROps).

The vulnerability in Carbon Black Cloud Workload was identified as CVE-2021-21982 and scored 9.1 out of 10 on the CVSS v3. The bug was discovered by Yegor Dimitrenko from Positive Technologies and is associated with the administrative interface. It allows attackers to bypass authentication by manipulating the URL in the interface.

An attacker with network access to the VMware Carbon Black Cloud Workload administrative interface could obtain a valid authentication token that grants access to the API.the official bulletin says.

Thus, an attacker could exploit the error to execute arbitrary code on the server.

Dmitrienko also identified two vulnerabilities in VMware vRealize Operations (vROps), solutions for monitoring and optimizing the performance of virtual infrastructure, as well as troubleshooting it.

A more dangerous vulnerability was discovered in the vROps API. The bug with the identifier CVE-2021-21975 and the CVSS v3 score of 8.6 is classified as SSRF vulnerability, that is, it allows forgery of requests on the server side. With its help, any unauthorized attacker can steal administrator credentials and gain access to the application with maximum privileges, which allows changing the application’s configuration and intercepting any data in it.

The main risk is that administrator privileges allow exploiting the second vulnerability – CVE-2021-21983 (arbitrary file write, rating 7.2), which will make it possible to execute any commands on the server. As a result, the combination of the two security flaws increases the danger of the situation, as it effectively allows an unauthorized attacker to seize control of the server and begin further advancement in the company’s infrastructure. The combination of these two vulnerabilities is comparable in threat level to the CVE-2021-21972 bug in VMware vCenter that we discovered earlier.Yegor Dimitrenko explains.

Among the reasons for the emergence of vulnerabilities like CVE-2021-21975, the researcher names the desire of developers to solve the tasks assigned to them in the most convenient ways, which are not always effective from a security point of view.

The CVE-2021-21983 vulnerability is often caused by insufficient filtering of user input.

Let me also remind you that we wrote that VMware closes RCE vulnerability in ESXi and Horizon.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.