{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-3340", "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "dateUpdated": "2022-11-04T00:00:00", "dateReserved": "2022-09-27T00:00:00", "datePublished": "2022-11-04T00:00:00"}, "containers": {"cna": {"title": "Trellix IPS Manager vulnerable to XXE", "providerMetadata": {"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix", "dateUpdated": "2022-11-04T00:00:00"}, "descriptions": [{"lang": "en", "value": "XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported."}], "affected": [{"vendor": "Trellix", "product": "Trellix IPS Manager", "versions": [{"version": "unspecified", "lessThan": "10.1 M10", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10388"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "Improper Restriction of XML External Entity Reference (CWE-611)\u202f", "cweId": "CWE-611"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "EXTERNAL"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB4B3735-91C5-41F5-A320-C3AFD77D0A72", "versionEndExcluding": "10.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:-:*:*:*:*:*:*", "matchCriteriaId": "D91A5BF5-A481-4AD6-B3A5-11470D7CE055", "vulnerable": true}, {"criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:minor8:*:*:*:*:*:*", "matchCriteriaId": "8300185B-9EC7-4EB1-BF86-2983FDA880BF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported."}, {"lang": "es", "value": "La vulnerabilidad de entidad externa XML (XXE) en Trellix IPS Manager anterior a 10.1 M8 permite que un administrador remoto autenticado realice un ataque XXE en la parte de la interfaz del administrador de la interfaz, lo que permite importar un archivo de configuraci\u00f3n XML guardado."}], "id": "CVE-2022-3340", "lastModified": "2022-11-08T16:14:20.237", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 3.7, "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}, "published": "2022-11-04T12:15:15.377", "references": [{"source": "trellixpsirt@trellix.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10388"}], "sourceIdentifier": "trellixpsirt@trellix.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-611"}], "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}

{}