Refine your search
4 vulnerabilities found for Intrusion Prevention System (IPS) Manager by Trellix
CVE-2024-5957 (GCVE-0-2024-5957)
Vulnerability from cvelistv5
Published
2024-09-05 10:49
Modified
2024-09-05 13:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Summary
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trellix | Intrusion Prevention System (IPS) Manager |
Version: 11.1.7.97 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5957",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:10:58.158237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:11:11.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Intrusion Prevention System (IPS) Manager",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "11.1.7.97"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Kentaro Kawane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager.\u003c/span\u003e\u003c/p\u003e\u003c/b\u003e"
}
],
"value": "This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305: Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T10:49:38.276Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://thrive.trellix.com/s/article/000013870"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2024-5957",
"datePublished": "2024-09-05T10:49:38.276Z",
"dateReserved": "2024-06-13T06:47:31.425Z",
"dateUpdated": "2024-09-05T13:11:11.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5956 (GCVE-0-2024-5956)
Vulnerability from cvelistv5
Published
2024-09-05 10:42
Modified
2024-09-05 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Summary
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trellix | Intrusion Prevention System (IPS) Manager |
Version: 11.1.7.97 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trellix:intrusion_prevention_system_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "intrusion_prevention_system_manager",
"vendor": "trellix",
"versions": [
{
"status": "affected",
"version": "11.1.7.97"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5956",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:11:38.274777Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:13:04.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"11.1.7.97"
],
"product": "Intrusion Prevention System (IPS) Manager",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "11.1.7.97"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Kentaro Kawane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly\u003c/span\u003e\u003c/b\u003e"
}
],
"value": "This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305: Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T10:50:14.273Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://thrive.trellix.com/s/article/000013870"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2024-5956",
"datePublished": "2024-09-05T10:42:09.315Z",
"dateReserved": "2024-06-13T06:47:29.265Z",
"dateUpdated": "2024-09-05T13:13:04.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5731 (GCVE-0-2024-5731)
Vulnerability from cvelistv5
Published
2024-06-14 13:57
Modified
2024-08-01 21:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-311 - Missing encryption of sensitive data
Summary
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trellix | Intrusion Prevention System (IPS) Manager |
Version: Prior to 11.1.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:03:04.678445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:03:10.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://thrive.trellix.com/s/article/000013623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intrusion Prevention System (IPS) Manager",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "Prior to 11.1.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Kentaro Kawane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information.\u003c/span\u003e"
}
],
"value": "A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311: Missing encryption of sensitive data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T05:35:31.893Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://thrive.trellix.com/s/article/000013623"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2024-5731",
"datePublished": "2024-06-14T13:57:25.836Z",
"dateReserved": "2024-06-07T04:47:55.338Z",
"dateUpdated": "2024-08-01T21:18:06.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5671 (GCVE-0-2024-5671)
Vulnerability from cvelistv5
Published
2024-06-14 13:52
Modified
2024-08-01 21:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-502 - Deserialization of untrusted data
Summary
Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trellix | Intrusion Prevention System (IPS) Manager |
Version: Prior to 11.1.x |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trellix:intrusion_prevention_system_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "intrusion_prevention_system_manager",
"vendor": "trellix",
"versions": [
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5671",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T03:55:21.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://thrive.trellix.com/s/article/000013623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intrusion Prevention System (IPS) Manager",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "Prior to 11.1.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Kentaro Kawane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager.\u003c/span\u003e"
}
],
"value": "Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager."
}
],
"impacts": [
{
"capecId": "CAPEC-586",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-586 Object Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of untrusted data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T05:35:58.173Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://thrive.trellix.com/s/article/000013623"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2024-5671",
"datePublished": "2024-06-14T13:52:33.937Z",
"dateReserved": "2024-06-06T04:46:19.229Z",
"dateUpdated": "2024-08-01T21:18:06.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}