2 matches found
Trellix Enterprise Security Manager < 11.6.7 Command Injection
The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.7. It is, therefore, affected by multiple command injection vulnerabilities. - A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip files. Incomplete...
CVE-2023-3314
CVE-2023-3314 affects Trellix Enterprise Security Manager (and related entries) where a failure to fully sanitize zip file processing allows an authorized user to control the .zip application, enabling arbitrary command execution or privilege escalation. Public sources cite vulnerable versions (e...