CVE-2019-9488

  • Published Date: Wed 11 Sep 2019
  • Last Modified Date: Fri 13 Sep 2019

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).

Impact

Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 2.9
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): SINGLE
Availability (A): NONE

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD