Published: 09/11/2020 Updated: 24/11/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Interscan Messaging Security Virtual Appliance

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated.

Vulnerable Product	Search on Vulmon	Subscribe to Product
trendmicro interscan_messaging_security_virtual_appliance

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 910 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities ...

Full Disclosure mailing list archives   By Date By Thread </form>    SEC Consult SA-20201104-0 :: Multiple vulnerabilities in Trend Micro InterScan Messaging Security Virtual Appliance (IM ...

CWE-916 https://success.trendmicro.com/solution/000279833 https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/https://nvd.nist.gov https://packetstormsecurity.com/files/159914/Trend-Micro-IMSVA-CSRF-XML-Injection-SSRF-File-Disclosure.html

CVE-2020-27693

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect