Lucene search

[email protected]NVD:CVE-2023-4814

HistorySep 14, 2023 - 7:15 a.m.

CVE-2023-4814

2023-09-1407:15:41

CWE-250

CWE-863

[email protected]

web.nvd.nist.gov

trellix windows dlp

privilege escalation

windows

vulnerability

file deletion

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to.

Affected configurations

NVD

Node

trellixdata_loss_preventionMatch11.10.100.17

References

kcm.trellix.com/corporate/index?page=content&id=SB10407

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2023-4814

prion1 nessus1 cve1 cvelist1