Podatność CVE-2020-27016


Publikacja: 2020-11-09   Modyfikacja: 2020-11-10

Opis:
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by tricking an authenticated administrator into accessing an attacker-controlled web page. An attacker must already have obtained product administrator/root privileges to exploit this vulnerability.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
Wolfgang Ettling...
05.11.2020

Typ:

CWE-352

(Cross-Site Request Forgery (CSRF))

 Referencje:
https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/
https://success.trendmicro.com/solution/000279833

Copyright 2024, cxsecurity.com

 

Back to Top