Injection vulnerability in VMware Carbon Black App Control

Threat Advisories

Injection vulnerability in VMware Carbon Black App Control

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

There is an injection vulnerability in VMware, specifically in the Carbon Black App Control product. If a malicious actor, who has privileged access to the App Control administration console, utilizes specially crafted input, they might be able to gain access to the underlying server operating system.