History: Nov 17, 2023 - 9:47 a.m.

CVE-2023-5444 CSRF in ePO leading to privilege escalation

Published: 2023-11-17 09:47:20
Weakness: CWE-352
Tags: trellix, www.cve.org, cross site request forgery, epolicy orchestrator, privilege escalation, vulnerability, user interface, http payload

CVSS3: 8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score: 8 High (Confidence: High)
EPSS: 0.001 Low (Percentile: 25.5%)

A Cross-Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low-privilege user to add a new user with administrator privileges to the ePO server. The affected component is the dashboard area of the user interface. To exploit this, the attacker must modify the HTTP payload after it is submitted and before it reaches the ePO server.

CNA Affected:

[
  {
    "defaultStatus": "unaffected",
    "product": "ePolicy Orchestrator",
    "vendor": "Trellix",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to 5.10.0 SP1 UP2"
      }
    ]
  }
]
