4 matches found
CVE-2019-9488
CVE-2019-9488 affects Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0). The vulnerability is a XML External Entity Attack triggered when parsing XML, with the prerequisite that an attacker already has root/admin access on a host approved to communicate with the De...
CVE-2020-15605
The CVE-2020-15605 entry concerns Trend Micro Vulnerability Protection 2.0 SP2 with LDAP authentication enabled. The flaw allows an unauthenticated attacker who has knowledge of the targeted organization to bypass the manager authentication mechanism via LDAP authentication bypass. The impact is ...
CVE-2020-15601
Summary: CVE-2020-15601 concerns an LDAP authentication bypass in Trend Micro Deep Security Manager (versions 10.x–12.x). When LDAP authentication is enabled, an unauthenticated attacker with prior knowledge of the targeted organization could bypass manager authentication. The vulnerability is mi...
CVE-2020-8602
CVE-2020-8602 affects Trend Micro Deep Security 10.0–12.0 and Trend Micro Vulnerability Protection 2.0 SP2. The issue is in the management consoles where an authenticated attacker with full control privileges can bypass file integrity checks, leading to remote code execution. The NVD entry lists ...