CVE-2024-7608
Path Traversal: '.../...//' (CWE-35)
Published: Aug 27, 2024 / Updated: 2mo ago
010
CVSS 5.9EPSS 0.04%Medium
CVE info copied to clipboard
An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly download_artifact.
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H
Timeline
First Article
Feedly found the first article mentioning CVE-2024-7608. See article
Aug 27, 2024 at 8:24 AM / National Vulnerability Database
CVSS Estimate
Feedly estimated the CVSS score as MEDIUM
Aug 27, 2024 at 8:24 AM
EPSS
EPSS Score was set to: 0.04% (Percentile: 9.5%)
Aug 28, 2024 at 10:21 AM
CVSS
A CVSS base score of 5.9 has been assigned.
Aug 28, 2024 at 12:20 PM / nvd
Affected Systems
Trellix
+null more
News
NA - CVE-2024-7608 - An authenticated user can download sensitive...
An authenticated user can download sensitive files from NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly download_artifact.
cveNotify : 🚨 CVE-2024-7608An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly download_artifact.🎖@cveNotify
cveNotify : 🚨 CVE-2024-7608An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly download_artifact.🎖@cveNotify
CVE-2024-7608 | Trellix NX/EX/AX/FX/CMS/IVX path traversal
A vulnerability was found in Trellix NX, EX, AX, FX, CMS and IVX . It has been declared as problematic . Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal: '.../...//'. This vulnerability is known as CVE-2024-7608 . The attack can be launched remotely. There is no exploit available.
null
Trellix - MEDIUM - CVE-2024-7608 An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly download_artifact.
CVE-2024-7608
An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, and CMS using path traversal for the URL of network anomaly...
See 4 more articles and social media posts