CVEブラウザに戻る

CVE-2020-8606

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0050%

EPSS Percentile28.75th

Published2020年5月27日

Last Modified2024年11月21日

Vulnerability Description

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.

Affected Platforms (CPE)

📦

Trendmicro

Interscan Web Security Virtual Appliance

= 6.5

References & Advisories

🔗 http://packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html

🔗 https://success.trendmicro.com/solution/000253095

🔗 https://www.zerodayinitiative.com/advisories/ZDI-20-677/

🔗 http://packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html

🔗 https://success.trendmicro.com/solution/000253095

🔗 https://www.zerodayinitiative.com/advisories/ZDI-20-677/

関連する脆弱性情報

CVE-2016-92699.9

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSV...

CVE-2020-84669.8

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hash...

CVE-2020-285789.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to...

CVE-2020-84659.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updat...