VYPR
High severity8.4NVD Advisory· Published Nov 30, 2023· Updated Jun 17, 2026

CVE-2023-6071

CVE-2023-6071

Description

An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible as the input isn't correctly sanitized when adding a new data source.

Affected products

2
  • Trellix/Esmllm-fuzzy2 versions
    <11.6.9+ 1 more
    • (no CPE)range: <11.6.9
    • (no CPE)range: Prior to version 11.6.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.