CVE-2024-5731
6.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Summary
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Trellix | Intrusion Prevention System (IPS) Manager | Prior to 11.1.x | affected |
Weaknesses
- CWE-311: CWE-311: Missing encryption of sensitive data
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.