A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack
References
Link | Resource |
---|---|
https://kcm.trellix.com/corporate/index?page=content&id=SB10397 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trellix
Published: 2023-03-13T13:29:32.271Z
Updated: 2023-04-03T15:34:38.217Z
Reserved: 2023-02-23T05:28:48.678Z
Link: CVE-2023-0978
JSON object: View
NVD Information
Status : Modified
Published: 2023-03-13T14:15:12.727
Modified: 2023-11-07T04:02:04.857
Link: CVE-2023-0978
JSON object: View
Redhat Information
No data.
CWE