CVE-2020-15601
N/A
N/A
Summary
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Trend Micro | Trend Micro Deep Security | 10.0, 11.0, 12.0 | affected |
Weaknesses
- Authentication Bypass
ADP Enrichment
CVE Program Container
Additional References
- https://success.trendmicro.com/solution/000252039
- https://www.zerodayinitiative.com/advisories/ZDI-20-1077/
References
- https://success.trendmicro.com/solution/000252039
- https://www.zerodayinitiative.com/advisories/ZDI-20-1077/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.