Vulnerabilities > Trellix > Enterprise Security Manager > 11.6.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-30 | CVE-2023-6071 | Command Injection vulnerability in Trellix Enterprise Security Manager 11.6.3/11.6.7/11.6.8. An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. | 7.2 |
2023-11-29 | CVE-2023-6070 | Unspecified vulnerability in Trellix Enterprise Security Manager 11.6.3/11.6.7. A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low-privileged authenticated user to upload arbitrary content, potentially altering configuration. | 4.3 |