github - ghsa-58v2-prpg-x6gf

ghsa-58v2-prpg-x6gf

Vulnerability from github

Published

2022-05-14 03:41

Modified

2022-05-14 03:41

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-3606"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-09T22:29:00Z",
    "severity": "HIGH"
  },
  "details": "XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.",
  "id": "GHSA-58v2-prpg-x6gf",
  "modified": "2022-05-14T03:41:30Z",
  "published": "2022-05-14T03:41:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3606"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/1119158"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-083"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-085"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-086"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-089"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-091"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-092"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-093"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-099"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-100"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-101"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-103"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-104"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-105"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-106"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-107"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-108"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-110"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2018-3606 (GCVE-0-2018-3606)

Vulnerability from cvelistv5

Published

2018-02-09 22:00

Modified

2024-08-05 04:50

Severity ?

CWE

SQL Injection

Summary

References

►

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-18-092/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-085/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-110/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-086/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-091/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-100/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-093/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-103/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-083/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-108/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-106/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-099/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-107/	x_refsource_MISC
	https://success.trendmicro.com/solution/1119158	x_refsource_CONFIRM
	https://www.zerodayinitiative.com/advisories/ZDI-18-105/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-089/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-101/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-18-104/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Trend Micro	Trend Micro Control Manager	Version: 6.0

Show details on NVD website