CVE-2023-3313

An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.
Configurations

Configuration 1 (hide)

cpe:2.3:a:trellix:enterprise_security_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:16

Type Values Removed Values Added
References () https://kcm.trellix.com/corporate/index?page=content&id=SB10403 - Vendor Advisory () https://kcm.trellix.com/corporate/index?page=content&id=SB10403 - Vendor Advisory

11 Jul 2023, 16:09

Type Values Removed Values Added
References (MISC) https://kcm.trellix.com/corporate/index?page=content&id=SB10403 - (MISC) https://kcm.trellix.com/corporate/index?page=content&id=SB10403 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-78
CPE cpe:2.3:a:trellix:enterprise_security_manager:*:*:*:*:*:*:*:*

03 Jul 2023, 13:02

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-03 08:15

Updated : 2024-11-21 08:16


NVD link : CVE-2023-3313

Mitre link : CVE-2023-3313

CVE.ORG link : CVE-2023-3313


JSON object : View

Products Affected

trellix

  • enterprise_security_manager
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')