Impacted Products
This vulnerability affects VMware Carbon Black App Control versions 8.0, 8.1, 8.5, and 8.6.
The VMware Carbon Black App Control management server has an authentication bypass. VMware has evaluated the severity of this issue to be in the critical severity range with a maximum CVSSv3 base score of 9.4.
Known Attack Vectors
A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate.
Further Information
The details of the vulnerability and how to patch it are available in the following VMware Security Advisory: https://www.vmware.com/security/advisories/VMSA-2021-0012.html
Please take the time to review the VMSA if you haven’t already.
Due to the nature of this vulnerability, VMware strongly recommends that the applicable patch be applied immediately. Please visit the VMSA for details on the necessary steps to patch this vulnerability.
Resolution
To remediate CVE-2021-21998, please contact us as soon as possible.