
6 matches found

BDU FSTEC
added 2025/02/06 12:0 a.m. · 3 views

Vulnerability in the application programming interface of the Trellix Enterprise Security Manager (ESM) system that allows an attacker to execute arbitrary commands

The vulnerability in the application programming interface of Trellix Enterprise Security Manager (ESM), a system for monitoring, analyzing, and managing security threats, is related to a failure to neutralize special elements used in operating system commands. Exploitin...

CVSS 10 · AI score 7.8 · EPSS 0.02544
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2024/11/29 12:0 a.m. · 3 views

Trellix Enterprise Security Manager security vulnerability

Trellix Enterprise Security Manager (Trellix ESM) is an application from the American company FireEye Trellix, Inc., used for real-time monitoring and analysis, that enables you to quickly prioritize, investigate and respond to hidden threats. A security vulnerability exists in Trellix Enterprise Security Manager...

CVSS 9.8 · AI score 7.8 · EPSS 0.02544
Exploits 1 · References 1

Positive Technologies
added 2024/11/29 12:0 a.m. · 6 views

PT-2024-9163 · Trellix · Trellix Enterprise Security Manager

Name of the Vulnerable Software and Affected Versions: Trellix Enterprise Security Manager ESM version 11.6.10
Description: A vulnerability in the system allows unauthenticated access to the internal Snowservice API, leading to improper handling of path traversal and insecure forwarding to an AJP...

CVSS 9.8 · AI score 7.6 · EPSS 0.02544
Exploits 1 · References 10

Tenable Nessus
added 2023/12/04 12:0 a.m. · 24 views

Trellix Enterprise Security Manager < 11.6.7 Command Injection

The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.7. It is, therefore, affected by multiple command injection vulnerabilities. - A vulnerability arises out of a failure to comprehensively sanitize the processing of zip files. Incomplete...

CVSS 8.8 · AI score 8.3 · EPSS 0.00854
Exploits 0 · References 3

Tenable Nessus
added 2023/11/30 12:0 a.m. · 17 views

Trellix Enterprise Security Manager < 11.6.9 Command Injection

The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.9. It is, therefore, affected by a command injection vulnerability. Due to improper neutralization of special elements, a remote attacker, authenticated as an administrator, can execute code as...

CVSS 8.8 · AI score 8.3 · EPSS 0.00234
Exploits 0 · References 2

CNNVD
added 2023/07/03 12:0 a.m. · 3 views

Trellix Enterprise Security Manager operating system command injection vulnerability

Trellix Enterprise Security Manager is an application from the American company FireEye Trellix, Inc. for real-time monitoring and analysis that enables you to quickly prioritize, investigate and respond to hidden threats. A security vulnerability exists in Trellix Enterprise Security Manager version 11.6.3 and...

CVSS 8.8 · AI score 8.2 · EPSS 0.00854
Exploits 0 · References 2