- Description
- A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user.
- Source
- trellixpsirt@trellix.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- trellixpsirt@trellix.com
- CWE-78
- Hype score
- Not currently trending
CVE-2024-11482 (CVSS:9.8, CRITICAL) is Awaiting Analysis. A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code exe..https://t.co/Fz0h0ptUjm #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
4 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trellix Enterprise Security Manager 11.6.13 リリース 未認証の攻撃者が Snowservice API にアクセスできる脆弱性 CVE-2024-11481 CVSS 8.2 と Snowservice API を利用して、任意のコマンドを「rootユーザー権限」で実行できる脆弱性 CVE-2024-11482 CVSS 9.8 などを修正 https://t.co/Mb3m8jejja
@t_nihonmatsu
2 Dec 2024
311 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Trellix Enterprise Security Manager Patches Critical Flaws, Including CVE-2024-11482 (CVSS 9.8) https://t.co/fC54mDDK3K
@Dinosn
2 Dec 2024
986 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🗣 Trellix Enterprise Security Manager Patches Critical Flaws, Including CVE-2024-11482 (CVSS 9.8) https://t.co/RRLLpjY8Hz
@fridaysecurity
2 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11482 Remote Code Execution in ESM 11.6.10 via Unauthenticated Command Injection ESM 11.6.10 has a vulnerability. It lets anyone access the internal Snowservice API without logging in. This issue allows ... https://t.co/PpdvDUtaQj
@VulmonFeeds
30 Nov 2024
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
There is a new vulnerability with elevated criticality in Trellix Enterprise Security Manager (CVE-2024-11482) https://t.co/SfstgT6J3g
@vuldb
29 Nov 2024
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-11482: CRITICAL] A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user.#cybersecurity,#vulnerability https://t.co/JinXctHZnn https://t.co/wbYJX6
@CveFindCom
29 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11482 A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as … https://t.co/B9zLWMn7PS
@CVEnew
29 Nov 2024
526 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes