Lucene search
Japan Vulnerability NotesJVN:42014489HistorySep 27, 2012 - 12:00 a.m.
JVN#42014489: Trend Micro Control Manager vulnerable to SQL injection
2012-09-2700:00:00
Japan Vulnerability Notes
jvn.jp
17
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.5%
Trend Micro Control Manager contains a vulnerability in the ad hoc query module, which may result in SQL injection.
Impact
An arbitrary SQL command may be executed in the backend database the product is referencing.
Solution
Apply a patch
Apply the appropriate patch according to the information provided by the developer.
Products Affected
- Trend Micro Control Manager prior to 6.0.0.1449 (English version)
- Trend Micro Control Manager prior to 5.5.0.1823 (English version)
- Trend Micro Control Manager prior to 5.5.0.1823 (Japanese version)
Related
cve
cve
CVE-2012-2998
2012-09-28 10:40:21
cert
cert
Trend Micro Control Manager adhoc query vulnerability
2012-09-27 00:00:00
packetstorm
packetstorm
Trend Micro Control Manager 5.5 / 6.0 Blind SQL Injection
2012-09-27 00:00:00
prion
prion
Sql injection
2012-09-28 10:40:00
seebug
seebug
exploitpack
exploitpack
nvd
nvd
CVE-2012-2998
2012-09-28 10:40:21
nessus
nessus
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2012-2998
2012-09-28 10:00:00
exploitdb
exploitdb
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.5%
Related for JVN:42014489