Server-Side Request Forgery Vulnerability in ESM by Trellix
CVE-2023-6070
4.3 MEDIUM
Summary
Trellix Enterprise Security Manager (ESM) contains a server-side request forgery vulnerability that a low-privileged authenticated user can exploit. The flaw stems from inadequate certificate validation in the API, which allows such a user to upload arbitrary content; the result can be unauthorized configuration changes that compromise the integrity of the system. Exploitation requires only network access to the API and a low-privileged account, with no user interaction. Organizations running affected versions should prioritize updating to mitigate the risk of exploitation.
Affected Version(s)
Trellix Enterprise Security Manager (ESM) 11.6.8
References
CVSS V3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Score: 4.3
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Andre Waldhoff (condignum GmbH)
Johannes Bär (condignum GmbH)