VMware Carbon Black App Control has been updated this week to fix a critical-severity vulnerability that allows access to the server without authentication. The vulnerability is an authentication bypass affecting versions 8.0, 8.1.1. The severity score for the vulnerability has been calculated to 9.4, making it a critical issue that users and administrators should prioritize. An attacker could leverage the vulnerability to target anything from point-of-sales (PoS) to industrial control systems. There are no workarounds available, and fixing the issue is possible by installing the hotfix.
Source: https://www.bleepingcomputer.com/news/security/vmware-fixes-authentication-bypass-in-carbon-black-app-control/