CVE-2018-10508

Summary

A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to use a specially crafted URL to elevate account permissions on vulnerable installations. An attacker must already have at least guest privileges in order to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro OfficeScan11.0 SP1, XGaffected

Weaknesses

  • Insecure Permissions

ADP Enrichment

CVE Program Container

Additional References

References