3. Injection Vulnerability (CVE-2023-20858)
VMware Carbon Black App Control contains an injection vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1.
CPE | Name | Operator | Version |
---|---|---|---|
app control | lt | 8.9.4 | |
app control | lt | 8.8.6 | |
app control | lt | 8.7.8 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20858
docs.vmware.com/en/VMware-Carbon-Black-App-Control/services/cb-ac-announcements/GUID-35DA49E4-41F3-485B-88E5-AE69B354F2FB.html
docs.vmware.com/en/VMware-Carbon-Black-App-Control/services/cb-ac-announcements/GUID-7464A525-BCF4-4329-9228-B040C9C16D22.html
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H