PT-2021-3449 · VMware · VMware Carbon Black App Control

Published: 2021-06-22 · Updated: 2021-06-30 · CVE-2021-21998

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

VMware Carbon Black App Control versions 8.0 through 8.1
VMware Carbon Black App Control versions 8.5 through 8.5.7
VMware Carbon Black App Control versions 8.6 through 8.6.1

Description

The issue is related to authentication errors in the VMware Carbon Black App Control server. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate.

Recommendations

For versions 8.0 and 8.1, update to a version later than 8.1.
For versions 8.5 through 8.5.7, update to version 8.5.8 or later.
For versions 8.6 through 8.6.1, update to version 8.6.2 or later.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2021-03309
CVE-2021-21998

Affected Products

VMware Carbon Black App Control