A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://thrive.trellix.com/s/article/000014058#h2_0 |
History
Fri, 29 Nov 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Hp
Hp enterprise Security Manager |
|
CPEs | cpe:2.3:a:hp:enterprise_security_manager:*:*:*:*:*:*:*:* | |
Vendors & Products |
Hp
Hp enterprise Security Manager |
|
Metrics |
ssvc
|
Fri, 29 Nov 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user. | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: trellix
Published: 2024-11-29T07:03:33.494Z
Updated: 2024-11-29T13:53:03.259Z
Reserved: 2024-11-20T05:16:00.690Z
Link: CVE-2024-11482
Vulnrichment
Updated: 2024-11-29T13:52:56.639Z
NVD
Status : Received
Published: 2024-11-29T08:15:04.437
Modified: 2024-11-29T08:15:04.437
Link: CVE-2024-11482
Redhat
No data.