|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-03-26 | |
| Rule Name: | Trend Micro IMSVA Management Portal Authentication Bypass Vulnerability (CVE-2018-3609) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations. | |
| Impact: | An attacker can take advantage of the vulnerability to bypass the security policy implemented by the software administrator, and perform unauthorized actions to the target system. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:103097 https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt https://success.trendmicro.com/jp/solution/1119290 https://success.trendmicro.com/solution/1119277 |
|
| Solutions |
|---|
| No information about possible solutions is published. Please use an alternative product to substitude the affected software. |