CRITICAL🇬🇧 English

CVE-2017-14097

CVSS 9.8v3.0pub. 2018-01-19upd. 2024-11-21

An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to decrypt contents of a database with information that could be used to access a vulnerable system.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Trendmicro Smart Protection Server

    APP
    Trendmicro
    ≤ 3.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-6231CRITICAL9.8ten sam produkt

A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (St...

CVE-2017-14094CRITICAL9.8ten sam produkt

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an atta...

CVE-2016-6269CRITICAL9.1ten sam produkt

Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6...

CVE-2018-10350HIGH8.8ten sam produkt

A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x co...

CVE-2018-6237HIGH7.5ten sam produkt

A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote ...

CVE-2017-14097 — CRITICAL 9.8 | CVEbaza.pl