{"api_version":"1","generated_at":"2026-04-22T19:08:00+00:00","cve":"CVE-2023-0978","urls":{"html":"https://cve.report/CVE-2023-0978","api":"https://cve.report/api/cve/CVE-2023-0978.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-0978","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-0978"},"summary":{"title":"CVE-2023-0978","description":"A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack","state":"PUBLIC","assigner":"trellixpsirt@trellix.com","published_at":"2023-03-13 14:15:00","updated_at":"2023-11-07 04:02:00"},"problem_types":["CWE-77"],"metrics":[],"references":[{"url":"https://kcm.trellix.com/corporate/index?page=content&id=SB10397","name":"https://kcm.trellix.com/corporate/index?page=content&id=SB10397","refsource":"MISC","tags":[],"title":"Security Bulletin – Trellix Intelligent Sandbox update fixes one vulnerability (CVE-2023-0978)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-0978","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0978","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"978","vulnerable":"1","versionEndIncluding":"4.14.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"advanced_threat_defense","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"978","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trellix","cpe5":"intelligent_sandbox","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"978","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trellix","cpe5":"intelligent_sandbox","cpe6":"5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-0978","ASSIGNER":"trellixpsirt@trellix.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Trellix","product":{"product_data":[{"product_name":"Trellix Intelligent Sandbox","version":{"version_data":[{"version_affected":"<=","version_name":" 5.0","version_value":" 5.2"}]}}]}}]}},"references":{"reference_data":[{"url":"https://kcm.trellix.com/corporate/index?page=content&id=SB10397","refsource":"MISC","name":"https://kcm.trellix.com/corporate/index?page=content&id=SB10397"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"solution":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\n\n<span style=\"background-color: rgb(255, 255, 255);\">To remediate this issue, customers running ATD/IS 5.2.0 or earlier must go to the </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.trellix.com/en-us/downloads/my-products.html\">Product Downloads site</a><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;and download the applicable product update/hotfix file:</span>\n\n<br>"}],"value":"\nTo remediate this issue, customers running ATD/IS 5.2.0 or earlier must go to the  Product Downloads site https://www.trellix.com/en-us/downloads/my-products.html  and download the applicable product update/hotfix file:\n\n\n"}],"credits":[{"lang":"en","value":"Derrick Berg (Eastman Kodak Company)"}],"impact":{"cvss":[{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.4,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-03-13 14:15:00","lastModifiedDate":"2023-11-07 04:02:00","problem_types":["CWE-77"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:advanced_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndIncluding":"4.14.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trellix:intelligent_sandbox:5.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trellix:intelligent_sandbox:5.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}