CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly
References
Link Resource
https://thrive.trellix.com/s/article/000013870 Permissions Required
Configurations

Configuration 1 (hide)

cpe:2.3:a:trellix:intrusion_prevention_system_manager:11.1.7.97:*:*:*:*:*:*:*

History

06 Sep 2024, 16:25

Type Values Removed Values Added
References () https://thrive.trellix.com/s/article/000013870 - () https://thrive.trellix.com/s/article/000013870 - Permissions Required
Summary
  • (es) Esta vulnerabilidad permite a atacantes remotos no autenticados eludir la autenticación y obtener acceso parcial a los datos del Trellix IPS Manager vulnerable con datos basura en respuesta principalmente.
CPE cpe:2.3:a:trellix:intrusion_prevention_system_manager:11.1.7.97:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 6.5
v2 : unknown
v3 : 5.3
CWE CWE-287
First Time Trellix intrusion Prevention System Manager
Trellix

05 Sep 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-05 11:15

Updated : 2024-09-06 16:25


NVD link : CVE-2024-5956

Mitre link : CVE-2024-5956

CVE.ORG link : CVE-2024-5956


JSON object : View

Products Affected

trellix

  • intrusion_prevention_system_manager
CWE
CWE-287

Improper Authentication

CWE-305

Authentication Bypass by Primary Weakness