VMware has addressed a critical vulnerability, tracked as CVE-2021-21982, in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication.
An attacker can manipulate an URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance to bypass authentication. The flaw, rated as Critical severity, was rated with a CVSSv3 base score of 9.1.