ID CVE-2017-6398
Summary An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). In addition, the default installation of IMSVA ships with default administrator credentials. The saveCert.imss endpoint takes several user inputs and applies a blacklist to them, then uses them as arguments to a predefined operating-system command without proper sanitization. Because the blacklisting rule is incomplete, it is possible to inject arbitrary commands into that command.
References
Vulnerable Configurations
  • cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.1-1600:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: SINGLE
Impact
  Confidentiality: COMPLETE
  Integrity: COMPLETE
  Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 96859
misc https://www.rapid7.com/db/modules/exploit/linux/http/trend_micro_imsva_exec
Last major update 03-10-2019 - 00:03
Published 14-03-2017 - 09:59
Last modified 03-10-2019 - 00:03