XXE in Trellix ePO server
CVE-2022-3338

5.4MEDIUM

Key Information:

Vendor: Trellix
Status: Trellix Epolicy Orchestrator (epo)
Vendor: CVE Published:; 18 October 2022

Summary

An External XML entity (XXE) vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully constructed XML file through the API.

Affected Version(s)

Trellix ePolicy Orchestrator (ePO) < 5.10 Update 14

References

https://kcm.trellix.com/corporate/index?page=content&id=S...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Oct 18, 2022
Vulnerability Reserved
Sep 27, 2022