Vulnerabilites related to trendmicro - deep_security_manager
Vulnerability from fkie_nvd
Published
2020-08-27 21:15
Modified
2024-11-21 05:05
Severity ?
Summary
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/solution/000252039 | Patch, Vendor Advisory | |
| security@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-20-1083/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/000252039 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-1083/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | deep_security_manager | 10.0 | |
| trendmicro | deep_security_manager | 11.0 | |
| trendmicro | deep_security_manager | 12.0 | |
| trendmicro | vulnerability_protection | 2.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "591F99B9-037F-49F2-90C9-C9327465ED3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BFDDD30A-3F6D-4611-A7EC-D66BC481D59D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "75D9AC7B-D110-417F-BC90-A70083D6935F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E338E06A-643E-4655-BF0B-FB8A2C304458",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
},
{
"lang": "es",
"value": "Si la autenticaci\u00f3n LDAP est\u00e1 habilitada, una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n LDAP en Trend Micro Vulnerability Protection versi\u00f3n 2.0 SP2, podr\u00eda permitir a un atacante no autenticado con conocimiento previo de la organizaci\u00f3n objetivo omitir la autenticaci\u00f3n del administrador. Habilitar la autenticaci\u00f3n multifactorial impide este ataque. Las instalaciones que usan la autenticaci\u00f3n nativa del administrador o la autenticaci\u00f3n SAML no est\u00e1n afectadas por esta vulnerabilidad"
}
],
"id": "CVE-2020-15605",
"lastModified": "2024-11-21T05:05:50.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T21:15:12.290",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-11 18:15
Modified
2024-11-21 04:51
Severity ?
Summary
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/solution/1122900 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/1122900 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "591F99B9-037F-49F2-90C9-C9327465ED3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "EF1D72E4-FDF6-42F2-9386-61EC30C1D211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u10:*:*:*:*:*:*",
"matchCriteriaId": "2DAB0402-9690-4243-8B8C-2F172AAE2C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u11:*:*:*:*:*:*",
"matchCriteriaId": "B86C6A7C-7140-487B-821B-A43417CC7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u12:*:*:*:*:*:*",
"matchCriteriaId": "E83089CD-C7A6-4A38-9D66-1BD9CBA924DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u13:*:*:*:*:*:*",
"matchCriteriaId": "5B28B443-BC75-4242-8507-BECF19643494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u14:*:*:*:*:*:*",
"matchCriteriaId": "DD7C0B63-A98D-4DE3-A6CC-450B2B5E24BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u15:*:*:*:*:*:*",
"matchCriteriaId": "5EF7DFAD-C645-4C17-BD8B-6AE48A320638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u16:*:*:*:*:*:*",
"matchCriteriaId": "7F52979B-FFAF-46BD-A8D9-E2577A9EC348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u17:*:*:*:*:*:*",
"matchCriteriaId": "90CFE193-D935-44B3-935D-0DCF6946152C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u18:*:*:*:*:*:*",
"matchCriteriaId": "A1DD6725-9556-45A2-8B06-58C810009197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u19:*:*:*:*:*:*",
"matchCriteriaId": "3E0B9523-E67D-4186-8896-030F69B41C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u2:*:*:*:*:*:*",
"matchCriteriaId": "21F18E6E-BB26-46E9-8D27-8B697E922251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u3:*:*:*:*:*:*",
"matchCriteriaId": "310BE409-1D0E-46FC-B844-C19E1121499C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u4:*:*:*:*:*:*",
"matchCriteriaId": "E3A7E805-AFD2-4B59-8DD5-C0EEFA3A6CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u5:*:*:*:*:*:*",
"matchCriteriaId": "02FBEF38-47CC-4BAA-8AC6-E320C39D58EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u6:*:*:*:*:*:*",
"matchCriteriaId": "0DCA6B2A-2E8C-4E54-B5D5-F4D25B5A1D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u7:*:*:*:*:*:*",
"matchCriteriaId": "0DE942D5-93D4-4081-B670-CEE98B9B043C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u8:*:*:*:*:*:*",
"matchCriteriaId": "87A3CE1B-7B61-42B9-A670-90C75CF02A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:u9:*:*:*:*:*:*",
"matchCriteriaId": "82E894D8-4B43-493D-89C3-315541403598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BFDDD30A-3F6D-4611-A7EC-D66BC481D59D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u1:*:*:*:*:*:*",
"matchCriteriaId": "08DA209E-A8FC-4917-9FC5-2DFB93339F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u2:*:*:*:*:*:*",
"matchCriteriaId": "3786FB40-4B9C-4934-8B2D-8EA6E0D93E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u3:*:*:*:*:*:*",
"matchCriteriaId": "56AA6016-4EA4-44B9-995A-323B67C8BC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u4:*:*:*:*:*:*",
"matchCriteriaId": "21325FFE-6BE6-463D-A166-E97E33C2B38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u5:*:*:*:*:*:*",
"matchCriteriaId": "FD179AD2-8B30-4B99-9580-53FE28930934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u6:*:*:*:*:*:*",
"matchCriteriaId": "F86DCE2E-1494-4A62-BD87-2847DF3BC84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:u7:*:*:*:*:*:*",
"matchCriteriaId": "593485A9-57B2-4F9C-8E07-51F8834C5A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.3:-:*:*:*:*:*:*",
"matchCriteriaId": "23E02397-40A2-4184-9E4C-8B38CF91EC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:vulnerability_protection:2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1749CC8D-55E1-4278-BF9C-F0B415C32F31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM)."
},
{
"lang": "es",
"value": "Trend Micro Deep Security Manager (versiones 10.x, 11.x) y Vulnerability Protection (versi\u00f3n 2.0) son vulnerables a un ataque de tipo XML External Entity. Sin embargo, para que el ataque sea posible, el atacante debe tener acceso root/admin a un host protegido que est\u00e9 autorizado para comunicarse con el Deep Security Manager (DSM)."
}
],
"id": "CVE-2019-9488",
"lastModified": "2024-11-21T04:51:42.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-11T18:15:10.817",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/1122900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/1122900"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 21:15
Modified
2024-11-21 05:05
Severity ?
Summary
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/solution/000252039 | Patch, Vendor Advisory | |
| security@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-20-1077/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/000252039 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-1077/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | deep_security_manager | 10.0 | |
| trendmicro | deep_security_manager | 11.0 | |
| trendmicro | deep_security_manager | 12.0 | |
| trendmicro | vulnerability_protection | 2.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "591F99B9-037F-49F2-90C9-C9327465ED3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BFDDD30A-3F6D-4611-A7EC-D66BC481D59D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "75D9AC7B-D110-417F-BC90-A70083D6935F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E338E06A-643E-4655-BF0B-FB8A2C304458",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
},
{
"lang": "es",
"value": "Si la autenticaci\u00f3n LDAP est\u00e1 habilitada, una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n LDAP en Trend Micro Deep Security versiones 10.x-12.x, podr\u00eda permitir a un atacante no autenticado con conocimiento previo de la organizaci\u00f3n objetivo omitir la autenticaci\u00f3n del administrador. Habilitar la autenticaci\u00f3n multifactorial impide este ataque. Las instalaciones que usan la autenticaci\u00f3n nativa del administrador o la autenticaci\u00f3n SAML no est\u00e1n afectadas por esta vulnerabilidad"
}
],
"id": "CVE-2020-15601",
"lastModified": "2024-11-21T05:05:50.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T21:15:12.227",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-27 21:15
Modified
2024-11-21 05:39
Severity ?
Summary
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@trendmicro.com | https://success.trendmicro.com/solution/000252039 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://success.trendmicro.com/solution/000252039 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trendmicro | deep_security_manager | 10.0 | |
| trendmicro | deep_security_manager | 11.0 | |
| trendmicro | deep_security_manager | 12.0 | |
| trendmicro | vulnerability_protection | 2.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "591F99B9-037F-49F2-90C9-C9327465ED3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BFDDD30A-3F6D-4611-A7EC-D66BC481D59D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "75D9AC7B-D110-417F-BC90-A70083D6935F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E338E06A-643E-4655-BF0B-FB8A2C304458",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution."
},
{
"lang": "es",
"value": "Una vulnerabilidad en las consolas de administraci\u00f3n de Trend Micro Deep Security versiones 10.0-12.0 y Trend Micro Vulnerability Protection versi\u00f3n 2.0 SP2, puede permitir a un atacante autenticado con privilegios de control total omitir las comprobaciones de integridad de archivos, lo que conlleva a una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2020-8602",
"lastModified": "2024-11-21T05:39:06.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-27T21:15:12.387",
"references": [
{
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://success.trendmicro.com/solution/000252039"
}
],
"sourceIdentifier": "security@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-15601 (GCVE-0-2020-15601)
Vulnerability from cvelistv5
Published
2020-08-27 20:35
Modified
2024-08-04 13:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication Bypass
Summary
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro | Trend Micro Deep Security |
Version: 10.0, 11.0, 12.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:22:30.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "10.0, 11.0, 12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T20:35:18",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2020-15601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "10.0, 11.0, 12.0"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000252039",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2020-15601",
"datePublished": "2020-08-27T20:35:18",
"dateReserved": "2020-07-07T00:00:00",
"dateUpdated": "2024-08-04T13:22:30.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9488 (GCVE-0-2019-9488)
Vulnerability from cvelistv5
Published
2019-09-11 18:00
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- XXE Attack
Summary
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Trend Micro | Trend Micro Deep Security |
Version: 10.x Version: 11.x |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/1122900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "10.x"
},
{
"status": "affected",
"version": "11.x"
}
]
},
{
"product": "Trend Micro Vulnerability Protection",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XXE Attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T18:00:08",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://success.trendmicro.com/solution/1122900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2019-9488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "10.x"
},
{
"version_value": "11.x"
}
]
}
},
{
"product_name": "Trend Micro Vulnerability Protection",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XXE Attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/1122900",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1122900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2019-9488",
"datePublished": "2019-09-11T18:00:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15605 (GCVE-0-2020-15605)
Vulnerability from cvelistv5
Published
2020-08-27 20:35
Modified
2024-08-04 13:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication Bypass
Summary
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro | Trend Micro Vulnerability Protection |
Version: 2.0 SP2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:22:30.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Vulnerability Protection",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2.0 SP2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T20:35:19",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2020-15605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Vulnerability Protection",
"version": {
"version_data": [
{
"version_value": "2.0 SP2"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000252039",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000252039"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2020-15605",
"datePublished": "2020-08-27T20:35:19",
"dateReserved": "2020-07-07T00:00:00",
"dateUpdated": "2024-08-04T13:22:30.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8602 (GCVE-0-2020-8602)
Vulnerability from cvelistv5
Published
2020-08-27 20:35
Modified
2024-08-04 10:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integrity Verification Bypass
Summary
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Trend Micro | Trend Micro Deep Security |
Version: 10.0, 11.0, 12.0 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000252039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "10.0, 11.0, 12.0"
}
]
},
{
"product": "Trend Micro Vulnerability Management",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "2.0 SP2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integrity Verification Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T20:35:19",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000252039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2020-8602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Deep Security",
"version": {
"version_data": [
{
"version_value": "10.0, 11.0, 12.0"
}
]
}
},
{
"product_name": "Trend Micro Vulnerability Management",
"version": {
"version_data": [
{
"version_value": "2.0 SP2"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integrity Verification Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000252039",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000252039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2020-8602",
"datePublished": "2020-08-27T20:35:19",
"dateReserved": "2020-02-04T00:00:00",
"dateUpdated": "2024-08-04T10:03:46.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}