VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2022-0008.html | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: vmware
Published: 2022-03-23T19:46:46
Updated: 2022-03-23T19:46:46
Reserved: 2022-01-10T00:00:00
Link: CVE-2022-22951
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-23T20:15:10.797
Modified: 2022-03-29T18:07:19.457
Link: CVE-2022-22951
JSON object: View
Redhat Information
No data.
CWE