Aug 30, 2022 - 7:35 a.m.

CVE-2022-2330 XXE vulnerability in DLP Endpoint for Windows

2022-08-30 07:35:13
CWE-611
trellix
www.cve.org
cve-2022-2330
xxe vulnerability
dlp endpoint
windows
improper restriction
xml external entity reference
remote attacker
dlp agent
local service
xml file

CVSS3: 6.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.001
Percentile: 45.7%

Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn’t usually have access to via a carefully constructed XML file, which the DLP Agent doesn’t parse correctly.

CNA Affected

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "DLP Endpoint for Windows",
    "vendor": "Trellix",
    "versions": [
      {
        "lessThan": "11.9.100",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]
