← voltar
CVE-2020-27018

CVE-2020-27018

EPSS 3.5%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 3.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
09 nov 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability.
Produtos afetados
Trend Micro · Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/https://success.trendmicro.com/solution/000279833