Vulnerability Details CVE-2023-6071
An Improper Neutralization of Special Elements used in a Command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible because the input isn't correctly sanitized when adding a new data source.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v3 Score 8.4
Products affected by CVE-2023-6071
- cpe:2.3:a:trellix:enterprise_security_manager:11.6.3
- cpe:2.3:a:trellix:enterprise_security_manager:11.6.7
- cpe:2.3:a:trellix:enterprise_security_manager:11.6.8