CVE-2023-3313 HIGH

CVE-2023-3313

Vendor Trellix
Product Enterprise Security Manager
Weakness CWE-78
Published July 3, 2023
Last update November 22, 2024

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.

Key dates

02Disclosure timeline

July 3, 2023 CVE published
November 22, 2024 Record updated