CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0978
https://notcve.org/view.php?id=CVE-2023-0978
A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack • https://kcm.trellix.com/corporate/index?page=content&id=SB10397 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0400
https://notcve.org/view.php?id=CVE-2023-0400
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and blocked the attempted upload of sensitive data. • https://github.com/pinpinsec/CVE-2023-0400 https://kcm.trellix.com/corporate/index?page=content&id=SB10394&locale=en_US • CWE-427: Uncontrolled Search Path Element CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2023-0214 – XSS in Skyhigh Security SWG
https://notcve.org/view.php?id=CVE-2023-0214
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG. Una vulnerabilidad de cross site scripting en Skyhigh SWG en las versiones principales desde la 11.x a la 11.2.6, 10.x a la 10.2.17 y la versión controlada 12.x a la 12.0.1 permite a un atacante remoto crear solicitudes internas SWG con rutas URL a cualquier sitio web de terceros, lo que provoca que se inyecte contenido arbitrario en la respuesta cuando se accede a través de SWG. Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is possible to inject arbitrary content types, the primary risk arises from JavaScript code allowing for cross site scripting. • https://www.exploit-db.com/exploits/51237 https://kcm.trellix.com/corporate/index?page=content&id=SB10393 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4326 – Trellix xAgent permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-4326
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. La vulnerabilidad de preservación inadecuada de permisos en Trellix Endpoint Agent (xAgent) anterior a V35.31.22 en Windows permite a un usuario local con privilegios de administrador omitir la protección del producto para desinstalar el agente mediante permisos aplicados incorrectamente en la funcionalidad de protección de eliminación. • https://docs.trellix.com/bundle/xagent_35-31-22_rn/page/UUID-73c848e7-6107-fe11-d83d-b17bd5b1449c.html • CWE-281: Improper Preservation of Permissions •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3859
https://notcve.org/view.php?id=CVE-2022-3859
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. Existe una vulnerabilidad de Ruta de Búsqueda No Controlada en Trellix Agent (TA) para Windows en versiones anteriores a la 5.7.8. Esto permite que un atacante con acceso de administrador, que debe colocar la DLL en la carpeta restringida del Sistema de Windows, eleve sus privilegios a System colocando una DLL maliciosa allí. • https://kcm.trellix.com/corporate/index?page=content&id=SB10391 • CWE-427: Uncontrolled Search Path Element •