CVE-2020-27019 – Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
https://notcve.org/view.php?id=CVE-2020-27019
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key.
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross-site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.
• https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva
• https://success.trendmicro.com/solution/000279833
• CWE-306: Missing Authentication for Critical Function
CVE-2020-27016 – Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
https://notcve.org/view.php?id=CVE-2020-27016
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by tricking an authenticated administrator into accessing an attacker-controlled web page. An attacker must already have obtained product administrator/root privileges to exploit this vulnerability.
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross-site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.
• https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva
• https://success.trendmicro.com/solution/000279833
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2018-3609
https://notcve.org/view.php?id=CVE-2018-3609
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.
• http://www.securityfocus.com/bid/103097
• https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt
• https://success.trendmicro.com/jp/solution/1119290
• https://success.trendmicro.com/solution/1119277
• CWE-522: Insufficiently Protected Credentials
• CWE-532: Insertion of Sensitive Information into Log File
CVE-2017-11391 – Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11391
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744.
• http://www.securityfocus.com/bid/100075
• http://www.zerodayinitiative.com/advisories/ZDI-17-502
• https://success.trendmicro.com/solution/1117723
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2017-11392 – Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11392
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745.
• http://www.securityfocus.com/bid/100075
• http://www.zerodayinitiative.com/advisories/ZDI-17-504
• https://success.trendmicro.com/solution/1117723
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')