Rewterz Threat Advisory – Multiple Zoom Vulnerabilities

November 11, 2021

Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs

November 11, 2021

Rewterz Threat Advisory – CVE-2021-22101 – VMware Tanzu Application Service

November 11, 2021

Severity

High

Analysis Summary

CVE-2021-22101

VMware Tanzu Application Service for VMs uses Cloud Controller (CAPI) from Cloud Foundry which is vulnerable to an unauthenticated denial-of-service(DoS) vulnerability. A remote attacker can leverage this vulnerability to cause denial of service by using REST HTTP requests and generating an enormous SQL query leading to database (ccdb) unavailability.

Impact

Denial of Service

Affected Vendors

VMware

Affected Products

VMware Tanzu Application Service for VMs 2.12.x
VMware Tanzu Application Service for VMs 2.11.x
VMware Tanzu Application Service for VMs 2.10.x
VMware Tanzu Application Service for VMs 2.9.x
VMware Tanzu Application Service for VMs 2.7.x

Remediation

Refer to VMware advisory for the complete list of affected products and their respective patches.

https://www.vmware.com/security/advisories/VMSA-2021-0026.html

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Multiple IBM Products Vulnerabilities

Multiple WordPress Plugins Vulnerabilities

ICS: Johnson Controls ICU Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Zoom Vulnerabilities

Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.