Rewterz Threat Advisory – CVE-2023-20855 – VMware vRealize Orchestrator XML external Vulnerability
February 22, 2023Rewterz Threat Advisory – CVE-2023-25928 – IBM InfoSphere Information Server Vulnerability
February 22, 2023Rewterz Threat Advisory – CVE-2023-20855 – VMware vRealize Orchestrator XML external Vulnerability
February 22, 2023Rewterz Threat Advisory – CVE-2023-25928 – IBM InfoSphere Information Server Vulnerability
February 22, 2023Severity
High
Analysis Summary
CVE-2023-20858
VMware Carbon Black App Control (App Control) could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an injection vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-20858
Affected Vendors
VMware
Affected Products
- VMware Carbon Black App Control 8.9
- VMware Carbon Black App Control 8.8
- VMware Carbon Black App Control 8.7
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.