2 matches found
CVE-2017-9033
Cross-site request forgery CSRF vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication of users for requests to start an update from an arbitrary source via a crafted request to SProtectLinux/scanoptionset.cgi, related to the...
CVE-2017-9033
CVE-2017-9033 affects Trend Micro ServerProtect for Linux (version 3.0 prior to CP 1531). The Web-based Management Console lacks anti-CSRF tokens, enabling an attacker to submit authenticated requests to start an update from an arbitrary source via SProtectLinux/scanoption_set.cgi. The Core Secur...