CVE-2023-3313

An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.

Published: Jul 3, 2023
Updated: Jul 12, 2023
CVE: CVE-2023-3313
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
trellix / enterprise_security_manager	-	11.6.7

https://kcm.trellix.com/corporate/index?page=content&id=SB10403

Vulnerability Database

289,697

CVE-2023-3313