CVE-2024-5671

Summary

Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager.

Affected Software

VendorProductVersion RangeStatus
TrellixIntrusion Prevention System (IPS) ManagerPrior to 11.1.xaffected

Weaknesses

  • CWE-502: CWE-502: Deserialization of untrusted data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References