Multiple vulnerabilities were identified in VMware Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, data manipulation, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
Elevation of Privilege
Information Disclosure
Data Manipulation
Security Restriction Bypass
System / Technologies affected
VMware vRealize Orchestrator
VMware vRealize Automation
VMware Carbon Black App Control (App Control)
VMware Cloud Foundation (Cloud Foundation)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://www.vmware.com/security/advisories/VMSA-2023-0004.html
https://www.vmware.com/security/advisories/VMSA-2023-0005.html