Lucene search
TrellixCVELIST:CVE-2023-0976HistoryJun 07, 2023 - 7:35 a.m.
CVE-2023-0976
2023-06-0707:35:57
CWE-427
trellix
www.cve.org
2
command injection
vulnerability
macos
ta
arbitrary file
execution
deployment feature
system tree
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS
0
Percentile
13.3%
A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/Β folder. The malicious file is executed by running the TA deployment feature located in the System Tree.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Trellix Agent",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "5.7.8"
}
]
}
]Related
prion
prion
Command injection
2023-06-07 08:15:00
nvd
nvd
CVE-2023-0976
2023-06-07 08:15:09
cve
cve
CVE-2023-0976
2023-06-07 08:15:09
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS
0
Percentile
13.3%
Related for CVELIST:CVE-2023-0976