CVE-2022-3340

Name of the Vulnerable Software and Affected Versions Trellix IPS Manager versions prior to 10.1 M8

Description The issue allows a remote authenticated administrator to perform an XML External Entity (XXE) attack in the administrator interface. This is done by importing a saved XML configuration file, enabling the attacker to exploit the vulnerability.

Recommendations For versions prior to 10.1 M8, update to version 10.1 M8 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrator interface and limiting the ability to import XML configuration files until a patch is applied.