VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2023-0004.html | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: vmware
Published: 2023-02-21T00:00:00
Updated: 2023-02-21T00:00:00
Reserved: 2022-11-01T00:00:00
Link: CVE-2023-20858
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-02-22T00:15:11.570
Modified: 2023-03-03T14:01:06.667
Link: CVE-2023-20858
JSON object: View
Redhat Information
No data.
CWE