PT-2017-11973 · Trend Micro · Trend Micro Control Manager

Published: 2017-07-31 · Updated: 2017-08-06 · CVE-2017-11387

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Trend Micro Control Manager version 6.0

Description

The issue allows for authentication bypass, leading to information disclosure. This occurs because authentication validation is not properly performed for certain functionality, specifically the ability to change the debug logging level.

Recommendations

For Trend Micro Control Manager version 6.0, consider restricting access to the functionality that allows changing the debug logging level until a fix is available. As a temporary workaround, disabling the ability to modify debug logging levels can help minimize the risk of exploitation.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2017-11387
ZDI-17-497

Affected Products

Trend Micro Control Manager