PT-2017-13245 · Trend Micro · Trend Micro Scanmail For Exchange

Publicado

2017-12-15

·

Atualizado

2017-12-26

·

CVE-2017-14090

CVSS v3.1

9.1

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions Trend Micro ScanMail for Exchange version 12.0
Description A vulnerability exists in Trend Micro ScanMail for Exchange where some communications to the update servers are not encrypted.
Recommendations For version 12.0, ensure that all communications to the update servers are encrypted to mitigate the risk of exploitation.

Exploit

Correção

Inadequate Encryption Strength

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-326

Identificadores relacionados

CVE-2017-14090

Produtos afetados

Trend Micro Scanmail For Exchange