First published: Mon Nov 27 2023
An improper limitation of a path name to a restricted directory (path traversal) vulnerability in the TACC ePO extension, for on-premises ePO servers, prior to version 8.4.0 could lead to an authorised administrator attacker executing arbitrary code through uploading a specially crafted GTI reputation file. The attacker would need the appropriate privileges to access the relevant section of the User Interface. The import logic has been updated to restrict file types and content.
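The advisory names the two controls the fix introduced, restricting file types and file content, but shows no code. The block below is an added illustration (not Trellix code and not the logic of the 8.4.0 extension) of what a fail-closed import routine for an uploaded file looks like, so the class of defect is concrete: a client-supplied filename is joined to the import directory without checks, and the hardened version rejects path components, enforces an extension allow-list, confirms the resolved target still sits directly inside the import directory, and parses the content before anything is written. The CSV layout (`sha256,reputation`), the import directory `/var/lib/epo/gti-import`, the size cap and the allowed verdicts are all assumptions made for this example; the real GTI reputation format is not described on this page.

```python
import csv
import io
import os
import re
from pathlib import Path

# Added example, not product code. Assumed format: CSV with header
# "sha256,reputation" and one 64-hex-digit hash plus verdict per row.
ALLOWED_EXTENSIONS = {".csv"}                  # assumed: the only type the importer parses
MAX_BYTES = 5 * 1024 * 1024                    # assumed upload size cap
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")
SHA256_HEX = re.compile(r"^[0-9a-f]{64}$")
VERDICTS = {"trusted", "malicious", "unknown"}  # assumed verdict vocabulary
# Leading bytes of file kinds that are never reputation data (PE, ELF, zip/jar, script)
FORBIDDEN_MAGIC = (b"MZ", b"\x7fELF", b"PK\x03\x04", b"#!")


class UploadRejected(ValueError):
    """Raised when an upload fails a filename, type or content check."""


def naive_import_path(import_dir: str, client_filename: str) -> Path:
    """The generic path-traversal pattern: the client name is joined to the
    import directory unchecked, so '..' components walk out of it."""
    return Path(import_dir) / client_filename


def safe_import_path(import_dir: str, client_filename: str) -> Path:
    """Return the only location the upload may be written, or raise."""
    base = Path(import_dir).resolve()
    # 1. Accept a bare filename only: no separators on either platform, no '..'.
    if client_filename != os.path.basename(client_filename) or "\\" in client_filename:
        raise UploadRejected(f"filename contains path components: {client_filename!r}")
    if not SAFE_NAME.fullmatch(client_filename):
        raise UploadRejected(f"filename has disallowed characters: {client_filename!r}")
    # 2. Restrict the file type by extension; content is checked separately.
    if Path(client_filename).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"file type not allowed: {client_filename!r}")
    # 3. Defence in depth: after resolving symlinks, the target's parent must be
    #    the import directory itself (a pre-planted symlink inside it fails here).
    target = (base / client_filename).resolve()
    if target.parent != base:
        raise UploadRejected(f"resolved path escapes import directory: {target}")
    return target


def validate_reputation_content(data: bytes) -> list:
    """Parse the upload strictly as reputation rows; anything else is rejected."""
    if len(data) > MAX_BYTES:
        raise UploadRejected("upload exceeds size limit")
    if data.startswith(FORBIDDEN_MAGIC):
        raise UploadRejected("content is an executable, archive or script")
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise UploadRejected("content is not UTF-8 text") from exc
    reader = csv.reader(io.StringIO(text))
    if next(reader, None) != ["sha256", "reputation"]:
        raise UploadRejected("unexpected header")
    rows = []
    for lineno, row in enumerate(reader, start=2):
        if len(row) != 2:
            raise UploadRejected(f"line {lineno}: expected 2 columns, got {len(row)}")
        digest, verdict = row[0].strip().lower(), row[1].strip().lower()
        if not SHA256_HEX.fullmatch(digest):
            raise UploadRejected(f"line {lineno}: not a SHA-256 hex digest")
        if verdict not in VERDICTS:
            raise UploadRejected(f"line {lineno}: unknown verdict {verdict!r}")
        rows.append((digest, verdict))
    if not rows:
        raise UploadRejected("no reputation rows found")
    return rows


def import_reputation_file(import_dir: str, client_filename: str, data: bytes) -> Path:
    """Validate name and content first; only then write inside the import directory."""
    target = safe_import_path(import_dir, client_filename)
    validate_reputation_content(data)
    target.write_bytes(data)
    return target


if __name__ == "__main__":
    # Constructed inputs: one acceptable upload and a few that must be refused.
    good = b"sha256,reputation\n" + b"a" * 64 + b",malicious\n"
    print(validate_reputation_content(good))
    for name in ["good.csv", "../../outside.csv", "..\\outside.csv", "rep.jsp", ".csv"]:
        try:
            print(name, "->", safe_import_path("/var/lib/epo/gti-import", name))
        except UploadRejected as err:
            print(name, "-> rejected:", err)
```

The order in `import_reputation_file` matters: both the path and the content checks run before any bytes touch disk, so a rejected upload leaves nothing behind for a later stage to pick up.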
Credit: trellixpsirt@trellix.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trellix Application And Change Control | <8.4.0 | Customers on TACC 8.3.8.x and earlier should update their ePO extension to 8.4.0. |
CVE-2023-5607 is an improper limitation of a path name to a restricted directory (path traversal) vulnerability in the TACC ePO extension.
The severity of CVE-2023-5607 is high with a severity value of 8.4.
Trellix Application And Change Control ePO extension versions prior to 8.4.0 are affected by CVE-2023-5607.
An attacker who already holds administrator privileges and can reach the relevant section of the ePO user interface can exploit CVE-2023-5607 by uploading a specially crafted GTI reputation file, leading to arbitrary code execution.
To fix CVE-2023-5607, upgrade the TACC ePO extension to version 8.4.0 or newer.