Trellix Epolicy Orchestrator

4 CVEs affecting Trellix Epolicy Orchestrator. Latest disclosed: 2024-05-16. Critical: 0, High: 2.

Top CVEs affecting Trellix Epolicy Orchestrator
CVESeverityScorePublishedSummary
CVE-2023-5444High8.02023-11-17 A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new u…
CVE-2024-4844High7.52024-05-16Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privil…
CVE-2023-5445Medium5.42023-11-17 An open redirect vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2, allows a remote low privileged user to modify the URL parameter for the p…
CVE-2024-4843Medium4.32024-05-16ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate…