Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.
CPE | Name | Operator | Version |
---|---|---|---|
serverprotect | eq | 5.8 | |
serverprotect | eq | 5.8 | |
serverprotect | eq | 5.8 | |
serverprotect_for_network_appliance_filer | eq | 5.8 | |
serverprotect_for_storage | eq | 6.0 |