PT-2017-16522 · Trend Micro · Trend Micro Officescan+1

Published

2017-05-03

Updated

2019-10-03

CVE-2017-5481

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro OfficeScan versions 11.0 before SP1 CP 6325 Trend Micro OfficeScan XG before CP 1352

Description The issue allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation.

Recommendations For Trend Micro OfficeScan versions 11.0 before SP1 CP 6325, update to SP1 CP 6325 or later. For Trend Micro OfficeScan XG before CP 1352, update to CP 1352 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-5481

Affected Products

Trend Micro Officescan

Trend Micro Officescan Xg

PT-2017-16522 · Trend Micro · Trend Micro Officescan+1

CVE-2017-5481

Weakness Enumeration

Related Identifiers

Affected Products

References · 4