CVE-2018-10509
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to exploit it via a Browser Refresh attack on vulnerable installations. An attacker must be using a AD logon user account in order to exploit this vulnerability.
Una vulnerabilidad en Trend Micro OfficeScan 11.0 SP1 y XG podrÃa permitir que un atacante lo explote mediante un ataque de actualización de navegador en instalaciones vulnerables. El atacante debe emplear una cuenta de usuario AD logon para explotar esta vulnerabilidad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-04-27 CVE Reserved
- 2018-06-12 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://success.trendmicro.com/solution/1119961 | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trendmicro Search vendor "Trendmicro" | Officescan Search vendor "Trendmicro" for product "Officescan" | 11.0 Search vendor "Trendmicro" for product "Officescan" and version "11.0" | sp1 |
Affected
| ||||||
| Trendmicro Search vendor "Trendmicro" | Officescan Search vendor "Trendmicro" for product "Officescan" | xg Search vendor "Trendmicro" for product "Officescan" and version "xg" | - |
Affected
| ||||||
| Trendmicro Search vendor "Trendmicro" | Officescan Search vendor "Trendmicro" for product "Officescan" | xg Search vendor "Trendmicro" for product "Officescan" and version "xg" | sp1 |
Affected
| ||||||