4 matches found
CVE-2022-22952
CVE-2022-22952 affects VMware Carbon Black App Control. Affected only when an attacker has administrative access to the App Control administration interface: uploading a specially crafted file can lead to code execution on the Windows AppC Server. Affected versions are 8.5.x before 8.5.14, 8.6.x ...
CVE-2023-20858
CVE-2023-20858 affects VMware Carbon Black App Control management servers in versions 8.7.x before 8.7.8, 8.8.x before 8.8.6, and 8.9.x before 8.9.4. The issue is described as an injection vulnerability where a user with privileged access to the App Control administration console can supply speci...
CVE-2022-22951
CVE-2022-22951 affects VMware Carbon Black App Control (versions 8.5.x prior to 8.5.14; 8.6.x prior to 8.6.6; 8.7.x prior to 8.7.4; 8.8.x prior to 8.8.2). The vulnerability is an OS command injection caused by improper input validation that could allow an authenticated, highly privileged attacker...
CVE-2021-21998
CVE-2021-21998 affects VMware Carbon Black App Control on versions 8.0, 8.1, 8.5 before 8.5.8, and 8.6 before 8.6.2. The issue is an authentication bypass that could let a network-accessible attacker obtain administrative access without authentication. Relevant sources note fixes: App Control 8.5...