![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-20855 – VMware vRealize Orchestrator XML external Vulnerability
February 22, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-25928 – IBM InfoSphere Information Server Vulnerability
February 22, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-20855 – VMware vRealize Orchestrator XML external Vulnerability
February 22, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-25928 – IBM InfoSphere Information Server Vulnerability
February 22, 2023Severity
High
Analysis Summary
CVE-2023-20858
VMware Carbon Black App Control (App Control) could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an injection vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-20858
Affected Vendors
VMware
Affected Products
- VMware Carbon Black App Control 8.9
- VMware Carbon Black App Control 8.8
- VMware Carbon Black App Control 8.7
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.