Lucene search
K

13 matches found

NVD
NVD
added 2020/12/17 9:15 p.m.26 views

CVE-2020-27010

A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...

4.8CVSS4.9AI score0.00713EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.25 views

CVE-2020-8463

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths...

7.5AI score0.05908EPSS
Exploits2References2
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.30 views

CVE-2020-27010

A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...

4.9AI score0.00713EPSS
Exploits0References1
NVD
NVD
added 2020/05/27 11:15 p.m.29 views

CVE-2020-8603

A cross-site scripting vulnerability XSS in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...

6.1CVSS6AI score0.01976EPSS
Exploits0References2
NVD
NVD
added 2020/05/27 11:15 p.m.20 views

CVE-2020-8604

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations...

7.5CVSS7.9AI score0.89661EPSS
Exploits7References4
OSV
OSV
added 2017/09/22 4:29 p.m.4 views

CVE-2017-11396

Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections...

7.2CVSS6AI score0.03196EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/03/29 12:0 a.m.23 views

Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration isDHCP6_data Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within ConfigIPNetwork's saveNetworkConfiguration method. A...

9CVSS5.2AI score
Exploits0References1
NVD
NVD
added 2017/02/21 7:59 a.m.31 views

CVE-2016-9314

Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto thei...

7.8CVSS7.2AI score0.03021EPSS
Exploits3References3
Prion
Prion
added 2017/02/21 7:59 a.m.14 views

Information disclosure

Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto thei...

4CVSS6.5AI score0.03021EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2017/02/21 7:46 a.m.56 views

CVE-2016-9269

CVE-2016-9269 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5.x before Build 1737. The vulnerability lies in the ManagePatches servlet (com.trend.iwss.gui.servlet.ManagePatches) where insecure access controls during patch updates allow an authenticated, remote user with l...

9.9CVSS9.7AI score0.13419EPSS
Exploits3References3Affected Software1
KoreLogic Security
KoreLogic Security
added 2017/02/15 12:0 a.m.654 views

Trendmicro InterScan Privilege Escalation Vulnerability

Vulnerability Details Affected Vendor: Trendmicro Affected Product: InterScan Web Security Virtual Appliance Affected Version: OS Version 3.5.1321.el6.x8664; Application Version 6.5-SP2BuildLinux1548 Platform: Embedded Linux CWE Classification: CWE-269: Improper Privilege Management Impact:...

8.8CVSS9.2AI score0.0898EPSS
Exploits5Affected Software2
CVE
CVE
added 2015/06/26 10:0 a.m.59 views

CVE-2015-4216

The CVE concerns Cisco WSAv/ESAv/SMAv devices where the remote-support feature uses the same default SSH root authorized key across different customer installations, enabling an attacker with knowledge of a private key from another installation to bypass authentication. Affected products are Cisc...

5CVSS7.1AI score0.03316EPSS
Exploits0References4Affected Software3
NVD
NVD
added 2014/11/07 7:55 p.m.12 views

CVE-2014-8510

The AdminUI in Trend Micro InterScan Web Security Virtual Appliance IWSVA before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters...

4CVSS6.2AI score0.01487EPSS
Exploits0References1
Rows per page
Query Builder