CVE-2024-4844
May 16, 2024, 1:03 p.m.
7.5
High
Description
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was possible through using a hard coded password for the keystore. Access Control restrictions on the file mean this would not be exploitable unless the user is the system admin for the server that ePO is running on.
Product(s) Impacted
Product | Versions |
---|---|
Trellix ePolicy Orchestrator (ePO) on Premise |
|
Weaknesses
Tags
CVSS Score
CVSS Data
- Attack Vector: NETWORK
- Attack Complexity: HIGH
- Privileges Required: LOW
- Scope: UNCHANGED
- Confidentiality Impact: HIGH
- Integrity Impact: HIGH
- Availability Impact: HIGH
View Vector String
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Date
- Published: May 16, 2024, 7:15 a.m.
- Last Modified: May 16, 2024, 1:03 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
trellixpsirt@trellix.com
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.