CVE-2024-5671
Insecure Deserialization in some workflows of the IPS Manager allows
Description
Description
Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS Manager.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Affected Vendors & Products
| Vendor | Product | Version |
|---|---|---|
| trellix | ips_manager | 3.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart
Meta Information
CVE Publication Date:
2024-06-14
CVE Last Modified Date:
2024-11-21
Report Generation Date:
2025-11-01
EPSS Last Evaluated Date:
2025-08-20
NVD Report Link: