Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Trellix Agent 代码问题漏洞
Vulnerability Description
Trellix Agent是美国火眼(Trellix)公司的一个客户端组件。提供 McAfee ePolicy Orchestrator(McAfee ePO)和托管产品之间的安全通信。 Trellix Agent 存在安全漏洞,该漏洞源于一个基于堆的缓冲区溢出漏洞。
CVSS Information
N/A
Vulnerability Type
N/A