Page 4 of 18 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability. La aplicación Deep Security Manager (versiones 10.0, 11.0 y 12.0), cuando está configurada de cierta manera, puede transmitir la comunicación LDAP inicial en texto sin cifrar. Esto puede tener un impacto en la confidencialidad, pero no afecta la integridad o la disponibilidad. • https://success.trendmicro.com/solution/000149495 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 4.9EPSS: 0%CPEs: 30EXPL: 0

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM). Trend Micro Deep Security Manager (versiones 10.x, 11.x) y Vulnerability Protection (versión 2.0) son vulnerables a un ataque de tipo XML External Entity. Sin embargo, para que el ataque sea posible, el atacante debe tener acceso root/admin a un host protegido que esté autorizado para comunicarse con el Deep Security Manager (DSM). • https://success.trendmicro.com/solution/1122900 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. Una vulnerabilidad de secuestro de DLL en Trend Micro's User-Mode Hooking Module (UMH) podría permitir que un atacante ejecute código arbitrario en un sistema vulnerable. • http://www.securityfocus.com/bid/103096 https://jvn.jp/jp/JVN28865183 https://success.trendmicro.com/jp/solution/1119348 https://success.trendmicro.com/solution/1119326 • CWE-426: Untrusted Search Path •