Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 HTTP Message AddVLANItem os command injection

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 (Anti-Malware Software). It has been rated as critical. Affected by this issue is the function AddVLANItem of the component HTTP Message Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1070208412/08/2020VulD...cvss3_nvd_basescore7.2nist.gov12/08/2020accepted90
1070208312/08/2020VulD...cvss2_nvd_basescore9.0nist.gov12/08/2020accepted90
1070208212/08/2020VulD...cvss3_meta_tempscore6.7see documentation12/08/2020accepted90
1070208112/08/2020VulD...cvss3_meta_basescore6.7see documentation12/08/2020accepted90
1070208012/08/2020VulD...cvss2_nvd_aiCnvd.nist.gov12/08/2020accepted70
1070207912/08/2020VulD...cvss2_nvd_iiCnvd.nist.gov12/08/2020accepted70
1070207812/08/2020VulD...cvss2_nvd_ciCnvd.nist.gov12/08/2020accepted70
1070207712/08/2020VulD...cvss2_nvd_auSnvd.nist.gov12/08/2020accepted70
1070207612/08/2020VulD...cvss2_nvd_acLnvd.nist.gov12/08/2020accepted70
1070207512/08/2020VulD...cvss2_nvd_avNnvd.nist.gov12/08/2020accepted70
1070207412/08/2020VulD...cvss3_nvd_aHnvd.nist.gov12/08/2020accepted70
1070207312/08/2020VulD...cvss3_nvd_iHnvd.nist.gov12/08/2020accepted70
1070207212/08/2020VulD...cvss3_nvd_cHnvd.nist.gov12/08/2020accepted70
1070207112/08/2020VulD...cvss3_nvd_sUnvd.nist.gov12/08/2020accepted70
1070207012/08/2020VulD...cvss3_nvd_uiNnvd.nist.gov12/08/2020accepted70
1070206912/08/2020VulD...cvss3_nvd_prHnvd.nist.gov12/08/2020accepted70
1070206812/08/2020VulD...cvss3_nvd_acLnvd.nist.gov12/08/2020accepted70
1070206712/08/2020VulD...cvss3_nvd_avNnvd.nist.gov12/08/2020accepted70
1070206612/08/2020VulD...cve_nvd_summaryA command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.cve.mitre.org12/08/2020accepted70
1070206512/08/2020VulD...cve_assigned1605222000cve.mitre.org12/08/2020accepted70

Do you know our Splunk app?

Download it now for free!