CVE-2023-20858

Published: Feb 21, 2023

Modified: Mar 17, 2025

PUBLISHED

Description

VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system.

Vendor	Product	Versions
n/a	VMware Carbon Black App Control	affected `VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4`

References

https://www.vmware.com/security/advisories/VMSA-2023-0004.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-20858

Description

Affected Products

References