CVE-2018-3609
N/A
N/A
Summary
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Trend Micro | Trend Micro InterScan Messaging Security Virtual Appliance | 9.0 and 9.1 | affected |
Weaknesses
- CWE-522: Insufficiently Protected Credentials (CWE-522)
ADP Enrichment
CVE Program Container
Additional References
- https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt
- https://success.trendmicro.com/solution/1119277
- https://success.trendmicro.com/jp/solution/1119290
- http://www.securityfocus.com/bid/103097
References
- https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt
- https://success.trendmicro.com/solution/1119277
- https://success.trendmicro.com/jp/solution/1119290
- http://www.securityfocus.com/bid/103097
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.