CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-27016

HIGH
8.8
CVSS Severity Score
EPSS Score0.1320%
EPSS Percentile20.86th
Published2020年11月9日
Last Modified2024年11月21日

Vulnerability Description

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by tricking an authenticated administrator into accessing an attacker-controlled web page. An attacker must already have obtained product administrator/root privileges to exploit this vulnerability.

Affected Platforms (CPE)

📦
Trendmicro

Interscan Messaging Security Virtual Appliance

<= 9.1

References & Advisories

🔗 https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/
🔗 https://success.trendmicro.com/solution/000279833
🔗 https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/
🔗 https://success.trendmicro.com/solution/000279833

相关漏洞威胁

CVE-2020-285789.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to...

CVE-2020-285798.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to s...

CVE-2020-276948.8

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has updated a specific critical library that may vulnerable...

CVE-2017-63988.8

An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execut...