PT-2017-11968 · Trend Micro · Trend Micro Deep Discovery Inspector

Brian Gorenc

Publicado

2017-07-31

Atualizado

2019-10-03

CVE-2017-11382

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Trend Micro Deep Discovery Email Inspector version 2.5.1

Description The issue allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. This can be exploited to cause a Denial of Service.

Recommendations For version 2.5.1, consider restricting access to the kdump setting to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Exposure of Resource to Wrong Sphere

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-668

Identificadores relacionados

CVE-2017-11382

ZDI-17-503

Produtos afetados

Trend Micro Deep Discovery Inspector

PT-2017-11968 · Trend Micro · Trend Micro Deep Discovery Inspector

CVE-2017-11382

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6