exploitDog

CVE-2023-3313

Опубликовано: 03 июл. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.

Ссылки

https://kcm.trellix.com/corporate/index?page=content&id=SB10403
Vendor Advisory
https://kcm.trellix.com/corporate/index?page=content&id=SB10403
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trellix:enterprise_security_manager:*:*:*:*:*:*:*:*

Версия до 11.6.7 (исключая)

EPSS

Процентиль: 40%

0.00182

Низкий

7.8 High

CVSS3

Дефекты

CWE-78

CWE-78

Связанные уязвимости

GHSA-jw47-p4mw-r42h

CVSS3: 7.8

github

больше 2 лет назад

An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.

EPSS

Процентиль: 40%

0.00182

Низкий

7.8 High

CVSS3

Дефекты

CWE-78

CWE-78