Trellix Enterprise Security Manager
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Trellix Enterprise Security Manager.
By the Year
In 2026 there have been 0 vulnerabilities in Trellix Enterprise Security Manager. Enterprise Security Manager did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 4 | 7.03 |
It may take a day or so for new Enterprise Security Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Trellix Enterprise Security Manager Security Vulnerabilities
ESM 11.6.9 CMD Injection via data sourceroot exec
CVE-2023-6071
7.2 - High
- November 30, 2023
An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible as the input isn't correctly sanitized when adding a new data source.
Command Injection
SSRF in ESM <11.6.8 via Certificate Upload API
CVE-2023-6070
4.3 - Medium
- November 29, 2023
A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn't parse for invalid data
SSRF
Zip util: unsanitized zip file triggers external command execution
CVE-2023-3314
8.8 - High
- July 03, 2023
A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip file(s). Incomplete neutralization of external commands used to control the process execution of the .zip application allows an authorized user to obtain control of the .zip application to execute arbitrary commands or obtain elevation of system privileges.
Shell injection
Tenable ESM Certificate API Command Injection
CVE-2023-3313
7.8 - High
- July 03, 2023
An OS common injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Trellix Enterprise Security Manager or by Trellix? Click the Watch button to subscribe.
