trendmicro interscan-messaging-security-virtual-appliance CVE-2018-3609 is a vulnerability in TrendMicro Interscan Messaging Security Virtual Appliance
Published on February 16, 2018

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.

NVD

Weakness Type

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.


Products Associated with CVE-2018-3609

Want to know whenever a new CVE is published for TrendMicro Interscan Messaging Security Virtual Appliance? stack.watch will email you.

TrendMicro Interscan Messaging Security Virtual Appliance
 

Affected Versions

Trend Micro InterScan Messaging Security Virtual Appliance Version 9.0 and 9.1 is affected by CVE-2018-3609

Exploit Probability

EPSS
16.27%
Percentile
94.68%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.