Improper Authentication on VMware Carbon Black App Control.
[ CVE Description ]
[*] CVE_ID : CVE-2021-21998
[_] Desc : VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate.
[_] C:2021-01-04 / P:2021-06-23 / L:2021-06-30
[*] Vuln Risk : 55.7273
[*] Exploited [trend] : 0 [holding]
[_] Exploit/likehood : False/0.0789% confidence
[*] Malware sample : 0
[*] Exploits/POC : [0]
[_] Fixes : [0]
[_] Threat Actors : [0]
[_] CVSS2 / CVSS3 : [ 7.5 / 9.8 ]
[_] Vuln Products : [3]
[ CVE Malware Family Info : None ]
[ High_Profile_Vulnerability ]
[!!!] CVE-2021-21998 (55.7273) : []
** [5] threads completed [2 tasks] / [1.98 KB] within [2.90 sec].