← Back to CVEs
CVE-2020-8606
CRITICAL9.8
Description
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published5/27/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
trendmicro:interscan_web_security_virtual_appliance
Weaknesses (CWE)
CWE-287
References
http://packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance-Remote-Code-Execution.html(security@trendmicro.com)
http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html(security@trendmicro.com)
https://success.trendmicro.com/solution/000253095(security@trendmicro.com)
https://www.zerodayinitiative.com/advisories/ZDI-20-677/(security@trendmicro.com)
http://packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance-Remote-Code-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/solution/000253095(af854a3a-2127-422b-91ae-364da2661108)
https://www.zerodayinitiative.com/advisories/ZDI-20-677/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.