XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported.
7.2CVSS
6.6AI Score
0.002EPSS
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly
6.5CVSS
7.4AI Score
0.0005EPSS
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager.
7.5CVSS
7.6AI Score
0.001EPSS