PT-2019-15264 · Trend Micro · Trend Micro Deep Security As A Service

Published

2019-12-16

Updated

2020-08-24

CVE-2019-18191

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Trend Micro Deep Security as a Service (affected versions not specified)

Description A privilege escalation issue exists in the Quick Setup cloud formation template of Trend Micro Deep Security as a Service. This could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-459

Related Identifiers

CVE-2019-18191

Affected Products

Trend Micro Deep Security As A Service

PT-2019-15264 · Trend Micro · Trend Micro Deep Security As A Service

CVE-2019-18191

Weakness Enumeration

Related Identifiers

Affected Products

References · 2