Vulnerabilities > Trellix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-13 | CVE-2023-0978 | Command Injection vulnerability in multiple products A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. | 6.7 |
| 2023-02-02 | CVE-2023-0400 | Uncontrolled Search Path Element vulnerability in Trellix Data Loss Prevention 11.9.0/11.9.100 The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. | 8.2 |
| 2023-01-18 | CVE-2023-0214 | Cross-site Scripting vulnerability in Trellix Skyhigh Secure web Gateway A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG. | 6.1 |
| 2022-12-16 | CVE-2022-4326 | Improper Preservation of Permissions vulnerability in Trellix Endpoint Security Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. | 6.0 |
| 2022-11-30 | CVE-2022-3859 | Uncontrolled Search Path Element vulnerability in Trellix Agent An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. | 6.7 |
| 2022-11-04 | CVE-2022-3340 | XXE vulnerability in Trellix Intrusion Prevention System Manager 10.1 XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported. | 7.2 |