CVE-2024-11481

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traversal, insecure forwarding to an AJP backend without adequate validation, and lack of authentication for accessing internal API endpoints.

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://thrive.trellix.com/s/article/000014058	Permissions Required

Configurations

Configuration 1 (hide)

cpe:2.3:a:trellix:enterprise_security_manager:11.6.10:*:*:*:*:*:*:*

History

28 Oct 2025, 18:37

Type	Values Removed	Values Added
CPE		cpe:2.3:a:trellix:enterprise_security_manager:11.6.10:::::::*
First Time		Trellix Trellix enterprise Security Manager
Summary		(es) Una vulnerabilidad en ESM 11.6.10 permite el acceso no autenticado a la API interna de Snowservice. Esto genera un manejo inadecuado de path traversal, un reenvío inseguro a un backend AJP sin la validación adecuada y una falta de autenticación para acceder a los endpoints de la API interna.
References	~~() https://thrive.trellix.com/s/article/000014058 -~~	() https://thrive.trellix.com/s/article/000014058 - Permissions Required

29 Nov 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-29 08:15

Updated : 2025-10-28 18:37

NVD link : CVE-2024-11481

Mitre link : CVE-2024-11481

CVE.ORG link : CVE-2024-11481

JSON object : View

Products Affected

trellix

enterprise_security_manager

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2024-11481", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2024-11-29T08:15:04.270", "references": [{"url": "https://thrive.trellix.com/s/article/000014058", "tags": ["Permissions Required"], "source": "trellixpsirt@trellix.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traversal, insecure forwarding to an AJP backend without adequate validation, and lack of authentication for accessing internal API endpoints."}, {"lang": "es", "value": "Una vulnerabilidad en ESM 11.6.10 permite el acceso no autenticado a la API interna de Snowservice. Esto genera un manejo inadecuado de path traversal, un reenv\u00edo inseguro a un backend AJP sin la validaci\u00f3n adecuada y una falta de autenticaci\u00f3n para acceder a los endpoints de la API interna."}], "lastModified": "2025-10-28T18:37:08.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trellix:enterprise_security_manager:11.6.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E938A5F5-8505-4AFD-BBC4-51B422551FAC"}], "operator": "OR"}]}], "sourceIdentifier": "trellixpsirt@trellix.com"}