|
|||
Rule General Information |
---|
Release Date: | 2017-09-04 | |
Rule Name: | WEB-OTHER Trend Micro IWSVA DeploymentWizardAction GetClusterInfo Command Injection -1.b | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | A command injection vulnerability has been reported in Trend Micro InterScan Web Security Virtual Appliance(IWSVA). The vulnerability exists due to improper validation of the HTTP request parameters in the GetClusterInfo method of the DeploymentWizardAction class. | |
Impact: | Remote command execution | |
Affected OS: | Windows | |
Reference: | ||
Solutions |
---|
Update vendor's patch. |