Trendmicro

Interscan Web Security Virtual Appliance

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2020-28581

Exploit
  • EPSS 73.42%
  • Veröffentlicht 18.11.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:56

A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated ...

9

CVE-2020-28580

Exploit
  • EPSS 73.42%
  • Veröffentlicht 18.11.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:22:56

A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated pri...

8.8

CVE-2020-28579

Exploit
  • EPSS 38.54%
  • Veröffentlicht 18.11.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:22:56

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.

9.8

CVE-2020-28578

Exploit
  • EPSS 58.54%
  • Veröffentlicht 18.11.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:22:56

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.

9.8

CVE-2020-8606

Exploit
  • EPSS 88.83%
  • Veröffentlicht 27.05.2020 23:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:06

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.

8.8

CVE-2020-8605

Exploit
  • EPSS 88.7%
  • Veröffentlicht 27.05.2020 23:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:06

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability.

7.5

CVE-2020-8604

Exploit
  • EPSS 82.86%
  • Veröffentlicht 27.05.2020 23:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:06

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations.

6.1

CVE-2020-8603

  • EPSS 0.39%
  • Veröffentlicht 27.05.2020 23:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:06

A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability ...

8.8

CVE-2019-9490

  • EPSS 0.7%
  • Veröffentlicht 05.04.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:51:43

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.

9

CVE-2017-11396

  • EPSS 0.88%
  • Veröffentlicht 22.09.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.