8.1

CVE-2017-14084

A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TrendmicroOfficescan Version11.0 Updatesp1
TrendmicroOfficescan Version12.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.13% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securitytracker.com/id/1039500
Third Party Advisory
VDB Entry
https://success.trendmicro.com/solution/1118372
Patch
Vendor Advisory
Issue Tracking
Mitigation
http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
Third Party Advisory
http://packetstormsecurity.com/files/144400/TrendMicro-OfficeScan-11.0-XG-12.0-Man-In-The-Middle.html
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2017/Sep/87
Third Party Advisory
Mailing List
http://www.securityfocus.com/archive/1/541264/100/0/threaded
http://www.securityfocus.com/archive/1/541275/100/0/threaded
http://www.securityfocus.com/bid/101072
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/42891/
Third Party Advisory
VDB Entry