1 results (0.001 seconds)
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20858
https://notcve.org/view.php?id=CVE-2023-20858
VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system. • https://www.vmware.com/security/advisories/VMSA-2023-0004.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •