N/A

VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.

N/A

N/A

VMware Carbon Black App Control 操作系统命令注入漏洞

VMware Carbon Black App Control是美国VMware公司的一款应用控制产品。用于锁定服务器和关键系统，防止不必要的更改。 VMware Carbon Black App Control 存在操作系统命令注入漏洞，该漏洞源于不正确的输入验证导致远程代码执行，一个经过身份验证的、具有对 VMware App Control 管理界面的网络访问权限的高特权攻击者可能能够在服务器上执行命令。以下产品和版本受到影响：8.5.14 之前的 8.5.x、8.6.6 之前的 8.6.x、8.7

N/A

N/A