CVE-2022-3340

XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://kcm.trellix.com/corporate/index?page=content&id=SB10388	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:trellix:intrusion_prevention_system_manager::::::::
	cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:-::::::
	cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:minor8::::::

History

08 Nov 2022, 16:14

Type	Values Removed	Values Added
CPE		cpe:2.3:a:trellix:intrusion_prevention_system_manager:::::::: cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:minor8:::::: cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:-::::::
CWE		CWE-611
First Time		Trellix intrusion Prevention System Manager Trellix
References	~~(CONFIRM) https://kcm.trellix.com/corporate/index?page=content&id=SB10388 -~~	(CONFIRM) https://kcm.trellix.com/corporate/index?page=content&id=SB10388 - Patch, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.2

04 Nov 2022, 12:42

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-11-04 12:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-3340

Mitre link : CVE-2022-3340

CVE.ORG link : CVE-2022-3340

JSON object : View

Products Affected

trellix

intrusion_prevention_system_manager

CWE

CWE-611

Improper Restriction of XML External Entity Reference

{"id": "CVE-2022-3340", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 1.7}]}, "published": "2022-11-04T12:15:15.377", "references": [{"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10388", "tags": ["Patch", "Vendor Advisory"], "source": "trellixpsirt@trellix.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}, {"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported."}, {"lang": "es", "value": "La vulnerabilidad de entidad externa XML (XXE) en Trellix IPS Manager anterior a 10.1 M8 permite que un administrador remoto autenticado realice un ataque XXE en la parte de la interfaz del administrador de la interfaz, lo que permite importar un archivo de configuraci\u00f3n XML guardado."}], "lastModified": "2022-11-08T16:14:20.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB4B3735-91C5-41F5-A320-C3AFD77D0A72", "versionEndExcluding": "10.1"}, {"criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D91A5BF5-A481-4AD6-B3A5-11470D7CE055"}, {"criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:10.1:minor8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8300185B-9EC7-4EB1-BF86-2983FDA880BF"}], "operator": "OR"}]}], "sourceIdentifier": "trellixpsirt@trellix.com"}