216.73.216.133

CVE-2025-3722

· Published 26/06/2025 11:15 · Modified 26/06/2025 18:57

Labels: CVE-2025-3722 2025-06-26CVE-2025-3722CWE-22[email protected]

Essential information

Published
26/06/2025 11:15
Modified
26/06/2025 18:57
Author
Creator
CVSS
0.0 NONE (v3) None NONE (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
trellix / system information reporter cpe:2.3:a:trellix:system_information_reporter:1.0.3:*:*:*:*:*:*:*
trellix / system information reporter cpe:2.3:a:trellix:system_information_reporter:*:*:*:*:*:*:*:*

References