Vulnerabilities > Trellix > Intrusion Prevention System Manager > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-05	CVE-2024-5957	Improper Authentication vulnerability in Trellix Intrusion Prevention System Manager 10.1 This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager. network low complexity trellix CWE-287	7.5
2022-11-04	CVE-2022-3340	XXE vulnerability in Trellix Intrusion Prevention System Manager 10.1 XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported. network low complexity trellix CWE-611	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.