Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

carbon black vulnerabilities and exploits

(subscribe to this query)
6.8
CVSSv2
CVE-2014-1615
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black prior to 4.1.0 allow remote malicious users to hijack the authentication of administrators for requests that add new administrative users and have other unspecified action, as demonstrated by a request to ...
Carbonblack Carbon Black 4.0.3Carbonblack Carbon Black 4.1.0Carbonblack Carbon Black
7.5
CVSSv2
CVE-2021-21998
VMware Carbon Black App Control 8.0, 8.1, 8.5 before 8.5.8, and 8.6 before 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the n...
Vmware Carbon Black App Control 8.0Vmware Carbon Black App Control 8.1Vmware Carbon Black App Control
4.3
CVSSv2
CVE-2018-10407
An issue exists in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but th...
Carbonblack Carbon Black Cb
10
CVSSv2
CVE-2016-9568
A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions.
Carbonblack Carbon Black 5.1.1.60603
4.9
CVSSv2
CVE-2016-9569
The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call.
Carbonblack Carbon Black 5.1.1.60603
5
CVSSv2
CVE-2016-9570
cb.exe in Carbon Black 5.1.1.60603 allows malicious users to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe.
Carbonblack Carbon Black 5.1.1.60603
9
CVSSv2
CVE-2022-22951
VMware Carbon Black App Control (8.5.x before 8.5.14, 8.6.x before 8.6.6, 8.7.x before 8.7.4 and 8.8.x before 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration inte...
Vmware Carbon Black App Control
9
CVSSv2
CVE-2022-22952
VMware Carbon Black App Control (8.5.x before 8.5.14, 8.6.x before 8.6.6, 8.7.x before 8.7.4 and 8.8.x before 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code o...
Vmware Carbon Black App Control
6.4
CVSSv2
CVE-2021-21982
VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. ...
Vmware Carbon Black Cloud Workload
NA
CVE-2023-20858
VMware Carbon Black App Control 8.7.x before 8.7.8, 8.8.x before 8.8.6, and 8.9.x.before 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the ...
Vmware Carbon Black App Control
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook