Lucene search
VmwareCVELIST:CVE-2022-22952HistoryMar 23, 2022 - 7:46 p.m.
CVE-2022-22952
2022-03-2319:46:47
vmware
www.cve.org
1
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code on the Windows instance where AppC Server is installed by uploading a specially crafted file.
CNA Affected
[
{
"product": "VMware Carbon Black App Control (AppC)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2)"
}
]
}
]Related
nvd
nvd
CVE-2022-22952
2022-03-23 20:15:10
cve
cve
CVE-2022-22952
2022-03-23 20:15:10
prion
prion
Unrestricted file upload
2022-03-23 20:15:00
nessus
nessus
vmware
vmware
thn
thn
VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control
2022-03-24 03:38:00
VMware Patches Critical Vulnerability in Carbon Black App Control Product
2023-02-22 04:55:00