Trend Micro Threat Discovery Appliance CVE-2016-8584 Authentication Bypass Vulnerability

Trend Micro Threat Discovery Appliance is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.

Trend Micro Threat Discovery Appliance 2.6.1062r1 and prior versions are vulnerable.

Information

Bugtraq ID: 98333
Class: Design Error
CVE: CVE-2016-8584

Remote: Yes
Local: No
Published: Apr 20 2017 12:00AM
Updated: May 08 2017 08:07PM
Credit: Roberto Suggi Liverani
Vulnerable: Trend Micro Threat Discovery Appliance 2.6.1062r1

Not Vulnerable:

Exploit

The following proof-of-concept is available:

/data/vulnerabilities/exploits/98333.py
/data/vulnerabilities/exploits/98333.py

References:

Trend Micro Control Manager Homepage (Trend Micro)

Source: www.securityfocus.com

Exploit Collector

Search Exploit