Vulnerabilities > CVE-2022-3340 - XXE vulnerability in Trellix Intrusion Prevention System Manager 10.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |