
CVE-2024-5957
https://notcve.org/view.php?id=CVE-2024-5957
05 Sep 2024 — This vulnerability allows unauthenticated remote attackers to bypass authentication and gain API access to the Manager. • https://thrive.trellix.com/s/article/000013870 • CWE-305: Authentication Bypass by Primary Weakness

CVE-2024-5956
https://notcve.org/view.php?id=CVE-2024-5956
05 Sep 2024 — This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager, with mostly garbage data in the response. • https://thrive.trellix.com/s/article/000013870 • CWE-305: Authentication Bypass by Primary Weakness

CVE-2024-5671
https://notcve.org/view.php?id=CVE-2024-5671
14 Jun 2024 — Insecure deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to execute arbitrary code and gain access to the vulnerable Trellix IPS Manager. • https://thrive.trellix.com/s/article/000013623 • CWE-502: Deserialization of Untrusted Data

CVE-2022-3340 – Trellix IPS Manager vulnerable to XXE
https://notcve.org/view.php?id=CVE-2022-3340
04 Nov 2022 — XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform an XXE attack in the part of the administrator interface that allows a saved XML configuration file to be imported. • https://kcm.trellix.com/corporate/index?page=content&id=SB10388 • CWE-611: Improper Restriction of XML External Entity Reference