Trend Micro Deep Discovery 3.7.1096 Authentication Bypass

🗓️ 18 Aug 2015 00:00:00Reported by hyp3rlinxType

packetstorm🔗 packetstormsecurity.com👁 43 Views

Trend Micro Deep Discovery 3.7.1096 Authentication Bypass CVE-2015-287

Reporter	Title	Published	Views	Family All 11
0day.today	Trend Micro Deep Discovery 3.7.1096 Authentication Bypass / XSS Vulnerabilities	20 Aug 201500:00	–	zdt
CNVD	Trend Micro Deep Discovery Inspector Authentication Bypass Vulnerability	20 Aug 201500:00	–	cnvd
CVE	CVE-2015-2873	23 Aug 201515:00	–	cve
Cvelist	CVE-2015-2873	23 Aug 201515:00	–	cvelist
EUVD	EUVD-2015-2961	7 Oct 202500:30	–	euvd
NVD	CVE-2015-2873	23 Aug 201515:59	–	nvd
OpenVAS	Trend Micro Deep Discovery Inspector Authentication Bypass and XSS Vulnerabilities	19 Aug 201600:00	–	openvas
Prion	Design/Logic Flaw	23 Aug 201515:59	–	prion
securityvulns	Trend Micro Deep Discovery Authentication Bypass	24 Aug 201500:00	–	securityvulns
securityvulns	Trend Micro Deep Discovery security vulnerabilities	24 Aug 201500:00	–	securityvulns

`[+] Credits: John Page aka hyp3rlinx  
  
[+] Website: hyp3rlinx.altervista.org  
  
[+] Source:  
http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-0818.txt  
  
  
  
Vendor:  
================================  
www.trendmicro.com  
  
  
  
Product:  
===================================  
Trend Micro Deep Discovery 3.7.1096  
  
  
  
Vulnerability Type:  
===================  
Authentication Bypass  
  
  
CVE Reference:  
==============  
CVE-2015-2873  
  
  
  
  
Vulnerability Details:  
===========================================================  
http://esupport.trendmicro.com/solution/en-US/1112206.aspx  
  
http://www.kb.cert.org/vuls/id/248692  
  
Trend Micro Deep Discovery Threat Appliance version 3.7.1096  
Certain Deep Discovery Inspector URLs including the system log and  
whitelist/blacklist are accessible to a non-administrator user  
because the pages do not properly check for authorization. An  
unauthenticated user without administrator privileges may thus  
gain access to and modify certain system configuration settings.  
  
Several URLs, including the system log, whitelist, and blacklist,  
are accessible to a non-administrator user by direct request.  
The pages do not properly check for authorization.  
  
  
  
Impact:  
=======  
An authenticated user without administrator privileges may access  
and modify certain system configuration settings.  
  
  
  
Exploit code(s):  
===============  
N/A  
  
  
  
  
Disclosure Timeline:  
=========================================================  
Vendor Notification: March 26, 2015  
August 18, 2015 : Public Disclosure  
  
  
  
  
  
Severity Level:  
=========================================================  
High  
  
  
  
Description:  
==========================================================  
  
  
Request Method(s): [+] GET  
  
  
Vulnerable Product: [+] Trend Micro Deep Discovery 3.7.1096  
  
  
Vulnerable Parameter(s): [+] syslog, whitelist, blacklist  
  
  
Affected Area(s): [+] Trend Micro Deep Discovery  
  
  
===========================================================  
  
[+] Disclaimer  
Permission is hereby granted for the redistribution of this advisory,  
provided that it is not altered except by reformatting it, and that due  
credit is given. Permission is explicitly given for insertion in  
vulnerability databases and similar, provided that due credit is given to  
the author. The author is not responsible for any misuse of the information  
contained herein and prohibits any malicious use of all security related  
information or exploits by the author or elsewhere.  
  
by hyp3rlinx  
`

18 Aug 2015 00:00Current

0.3Low risk

Vulners AI Score0.3

EPSS0.02538