PT-2015-5954 · Trend Micro · Trend Micro Deep Discovery Inspector
Hyp3Rlinx
+1
·
Publicado
2015-08-23
·
Atualizado
2021-09-09
·
CVE-2015-2873
CVSS v2.0
5.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Trend Micro Deep Discovery Inspector (DDI) versions prior to 3.5.1477
Trend Micro Deep Discovery Inspector (DDI) versions 3.6.x prior to 3.6.1217
Trend Micro Deep Discovery Inspector (DDI) versions 3.7.x prior to 3.7.1248
Trend Micro Deep Discovery Inspector (DDI) versions 3.8.x prior to 3.8.1263
Description
The issue allows remote attackers to obtain sensitive information or change the configuration via a direct request to specific URLs, including the system log URL, whitelist URL, or blacklist URL.
Recommendations
For versions prior to 3.5.1477, update to version 3.5.1477 or later.
For versions 3.6.x prior to 3.6.1217, update to version 3.6.1217 or later.
For versions 3.7.x prior to 3.7.1248, update to version 3.7.1248 or later.
For versions 3.8.x prior to 3.8.1263, update to version 3.8.1263 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Trend Micro Deep Discovery Inspector