Trend Micro InterScan Web Security Virtual Appliance Privilege Escalation Vulnerability



Trend Micro InterScan Web Security Virtual Appliance is prone to a privilege-escalation vulnerability.

An attacker can exploit this issue to gain elevated privileges.

Information

Bugtraq ID: 97482
Class: Design Error
CVE: CVE-2017-6338

Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: Kapil Khot of Qualys.
Vulnerable: Trend Micro InterScan Web Security Virtual Appliance 6.5-SP2 CP 1739
Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 CP Build 162
Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2
Trend Micro InterScan Web Security Virtual Appliance 6.5 CP 1737
Trend Micro InterScan Web Security Virtual Appliance 6.5


Not Vulnerable: Trend Micro InterScan Web Security Virtual Appliance 6.5 CP 1746


Exploit


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.


Related Posts

Comments