Rewterz Threat Update – Threat Intelligence Insights – 23rd March
March 23, 2022Rewterz Threat Advisory – Multiple McAfee ePolicy Orchestrator Vulnerability
March 24, 2022Rewterz Threat Update – Threat Intelligence Insights – 23rd March
March 23, 2022Rewterz Threat Advisory – Multiple McAfee ePolicy Orchestrator Vulnerability
March 24, 2022Severity
High
Analysis Summary
CVE-2022-22951
VMware Carbon Black App Control could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-22952
VMware Carbon Black App Control could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the AppC Server component. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system.
Impact
- Command Execution
- Unauthorized Access
Indicator Of Compromise
CVE
- CVE-2022-22951
- CVE-2022-22952
Affected Vendors
VMware
Affected Products
- VMware Carbon Black App Control 8.8
- VMware Carbon Black App Control 8.7
- VMware Carbon Black App Control 8.6
- VMware Carbon Black App Control 8.5
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.