CVE-2024-5671

Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager...

PT-2022-21779 · Trellix · Trellix Ips Manager

Name of the Vulnerable Software and Affected Versions: Trellix IPS Manager versions prior to 10.1 M8 Description: The issue allows a remote authenticated administrator to perform an XML External Entity XXE attack in the administrator interface. This is done by importing a saved XML configuration...