According to a report from a security researcher who found the bug, a crucial vulnerability lately addressed in the VMware Carbon Black Cloud Workload could be exploited to perform code on a vulnerable server.
Traced as CVE-2021-21982 and highlighting a CVSS score of 9.1, the newly addressed vulnerability dwells in the administrative interface for the tool and exists because attackers could avoid authentication by manipulating a URL on the interface.
Besides, the company also explains that an attacker who can successfully abuse the vulnerability would be capable of seeing and intruding the administrative configuration settings.
To Read More: Security Week