Trellix: Unauthenticated Path Traversal and Command Injection in Trellix Enterprise Security Manager 11.6.10
A critical vulnerability was identified in Trellix Enterprise Security Manager ESM version 11.6.10. The vulnerability allowed unauthenticated access to internal API endpoints through path traversal and enabled remote code execution via command injection. The issue stemmed from insecure AJP proxy...