CVE-2019-9488
N/A
N/A
Summary
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Trend Micro | Trend Micro Deep Security | 10.x | affected |
| Trend Micro | Trend Micro Deep Security | 11.x | affected |
| Trend Micro | Trend Micro Vulnerability Protection | 2.0 | affected |
Weaknesses
- XXE Attack
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.