Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-3006

Malware in sbrugna...

7.5CVSS7.8AI score0.00464EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/02 12:0 a.m.2 views

Trend Micro Deep Discovery Director Command Injection Vulnerability

Trend Micro Deep Discovery is a protection product from Trend Micro that detects and identifies hard-to-find threats in real time and proposes solutions. director is one of the built-in solutions with the ability to update and upgrade various programs in Deep Discovery. A command injection...

9.8CVSS7.5AI score0.03097EPSS
Exploits0References1
OSV
OSV
added 2017/08/01 3:29 p.m.1 views

CVE-2017-11380

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...

9.8CVSS5.7AI score0.01464EPSS
Exploits0References2
Prion
Prion
added 2017/08/01 3:29 p.m.18 views

Command injection

A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console...

7.5CVSS9.6AI score0.03097EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/08/01 3:29 p.m.17 views

CVE-2017-11381

A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console...

9.8CVSS9.6AI score0.03097EPSS
Exploits0References2
OSV
OSV
added 2017/08/01 3:29 p.m.2 views

CVE-2017-11379

Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...

7.5CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2017/08/01 3:29 p.m.12 views

CVE-2017-11380

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...

9.8CVSS9.6AI score0.01464EPSS
Exploits0References2
NVD
NVD
added 2017/08/01 3:29 p.m.20 views

CVE-2017-11379

Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...

7.5CVSS7.6AI score0.00464EPSS
Exploits0References2
Prion
Prion
added 2017/08/01 3:29 p.m.10 views

Design/Logic Flaw

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...

7.5CVSS9.5AI score0.01464EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/08/01 3:29 p.m.2 views

CVE-2017-11381

A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console...

9.8CVSS5.8AI score0.03097EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/01 3:0 p.m.20 views

CVE-2017-11380

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...

9.6AI score0.01464EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/01 3:0 p.m.22 views

CVE-2017-11379

Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...

8.1AI score0.00464EPSS
Exploits0References2
CVE
CVE
added 2017/08/01 3:0 p.m.52 views

CVE-2017-11381

Summary: CVE-2017-11381 affects Trend Micro Deep Discovery Director 1.1. A command injection vulnerability exists in the backup/restore flow that can be exploited to restore accounts and ultimately gain code execution as root. The issue arises during the restore of textUI accounts: the process as...

9.8CVSS9.6AI score0.03097EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/01 3:0 p.m.56 views

CVE-2017-11379

CVE-2017-11379 (and related CVEs 11380, 11381) affect Trend Micro Deep Discovery Director 1.1. Core Security CORE-2017-0005 reports vulnerabilities in the backup/restore workflow: backups are not signed/validated, archives are encrypted with a static password across appliances, and a command-inje...

7.5CVSS8AI score0.00464EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/01 3:0 p.m.45 views

CVE-2017-11380

The connected CORE advisory for Trend Micro Deep Discovery Director 1.1 details CVE-2017-11380 (backup archives encrypted with a static, hard-coded password) and CVE-2017-11381 (command injection during backup-restore accounts handling), enabling potential code execution with root privileges via ...

9.8CVSS9.5AI score0.01464EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/01 3:0 p.m.20 views

CVE-2017-11381

A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console...

9.7AI score0.03097EPSS
Exploits0References2
myhack58
myhack58
added 2017/07/19 12:0 a.m.60 views

Trend Micro Deep Discovery Director vulnerability analysis-vulnerability warning-the black bar safety net

Vulnerability information Type: OS command in the special elements improper handling ofCWE-78, use of hard-coded cryptographic keysCWE-321, data authenticity verification is insufficientCWE-345 Impact: code execution Remote exploit: Yes Local exploit: Yes CVE name: CVE-pending-assignment-1,...

8.1AI score
Exploits0
Rows per page
Query Builder