Vulnerabilities > Vmware > Carbon Black APP Control > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-23 CVE-2022-22952 Unrestricted Upload of File with Dangerous Type vulnerability in VMWare Carbon Black APP Control
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability.
network
low complexity
vmware CWE-434
critical
 9.1
9.1
2022-03-23 CVE-2022-22951 OS Command Injection vulnerability in VMWare Carbon Black APP Control
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability.
network
low complexity
vmware CWE-78
critical
 9.1
9.1
2021-06-23 CVE-2021-21998 Improper Authentication vulnerability in VMWare Carbon Black APP Control
VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass.
network
low complexity
vmware CWE-287
critical
 9.8
9.8