
CVE-2025-0617
https://notcve.org/view.php?id=CVE-2025-0617
29 Jan 2025 — An attacker with access to HX 10.0.0 and previous versions may send specially crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process, thus causing a Denial of Service. • https://thrive.trellix.com/s/article/000014214 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •

CVE-2024-9679
https://notcve.org/view.php?id=CVE-2024-9679
16 Dec 2024 — A Hardcoded Cryptographic key vulnerability existed in DLP Extension 11.11.1.3 which allowed the decryption of previously encrypted user credentials. • https://thrive.trellix.com/s/article/000013964 •

CVE-2024-9678
https://notcve.org/view.php?id=CVE-2024-9678
16 Dec 2024 — An SQL Injection vulnerability existed in DLP Extension 11.11.1.3. The vulnerability allowed an attacker to perform arbitrary SQL queries potentially leading to command execution. • https://thrive.trellix.com/s/article/000013964 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2024-11482
https://notcve.org/view.php?id=CVE-2024-11482
29 Nov 2024 — A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user. • https://thrive.trellix.com/s/article/000014058#h2_0 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2024-11481
https://notcve.org/view.php?id=CVE-2024-11481
29 Nov 2024 — A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traversal, insecure forwarding to an AJP backend without adequate validation, and lack of authentication for accessing internal API endpoints. • https://thrive.trellix.com/s/article/000014058 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-5957
https://notcve.org/view.php?id=CVE-2024-5957
05 Sep 2024 — This vulnerability allows unauthenticated remote attackers to bypass authentication and gain API access to the Manager. • https://thrive.trellix.com/s/article/000013870 • CWE-305: Authentication Bypass by Primary Weakness •

CVE-2024-5956
https://notcve.org/view.php?id=CVE-2024-5956
05 Sep 2024 — This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager, with mostly garbage data in the response. • https://thrive.trellix.com/s/article/000013870 • CWE-305: Authentication Bypass by Primary Weakness •

CVE-2024-5671
https://notcve.org/view.php?id=CVE-2024-5671
14 Jun 2024 — Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and gain access to the vulnerable Trellix IPS Manager. • https://thrive.trellix.com/s/article/000013623 • CWE-502: Deserialization of Untrusted Data •

CVE-2024-4176
https://notcve.org/view.php?id=CVE-2024-4176
13 Jun 2024 — A cross-site scripting vulnerability in the EDR XConsole before this release allowed an attacker to potentially leverage an XSS/HTML-Injection using command line variables. A malicious threat actor could execute commands on the victim's browser by sending carefully crafted malicious links to the EDR XConsole end user. • https://thrive.trellix.com/s/article/000013455 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-4844
https://notcve.org/view.php?id=CVE-2024-4844
16 May 2024 — Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was possible through using a hard coded password for the keystore. Access Control restrictions on the file mean this would not be exploitable unless the user is the system admin for the server that ePO is running on. • https://thrive.trellix.com/s/article/000013505 • CWE-798: Use of Hard-coded Credentials •