cnvd - cnvd-2017-01963

cnvd-2017-01963

Vulnerability from cnvd

Title: Trend Micro InterScan Web Security Virtual Appliance远程代码执行漏洞

Description:

Trend Micro InterScan Web Security Virtual Appliance（IWSVA）是美国趋势科技（Trend Micro）公司的一款针对基于Web方式的威胁为企业网络提供动态的、集成式的安全保护的Web安全网关。

Trend Micro IWSVA 6.5版本存在远程命令执行漏洞。允许远程攻击者通过Patch Update功能，以root权限运行任意命令。

Severity: 高

Patch Name: Trend Micro InterScan Web Security Virtual Appliance远程代码执行漏洞的补丁

Patch Description:

Trend Micro IWSVA 6.5版本存在远程命令执行漏洞。允许远程攻击者通过Patch Update功能，以root权限运行任意命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://www.korelogic.com/Resources/Advisories/KL-001-2017-001.txt

Reference: http://www.securityfocus.com/bid/96252

Impacted products

Name
Trend Micro InterScan Web Security Virtual Appliance 6.5

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "96252"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-9269"
    }
  },
  "description": "Trend Micro InterScan Web Security Virtual Appliance\uff08IWSVA\uff09\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280\uff08Trend Micro\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u9488\u5bf9\u57fa\u4e8eWeb\u65b9\u5f0f\u7684\u5a01\u80c1\u4e3a\u4f01\u4e1a\u7f51\u7edc\u63d0\u4f9b\u52a8\u6001\u7684\u3001\u96c6\u6210\u5f0f\u7684\u5b89\u5168\u4fdd\u62a4\u7684Web\u5b89\u5168\u7f51\u5173\u3002\r\n\r\nTrend Micro IWSVA 6.5\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7Patch Update\u529f\u80fd\uff0c\u4ee5root\u6743\u9650\u8fd0\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "Kapil Khot, Vulnerability Researcher and Signature Developer, Qualys and Matt Bergin (@thatguylevel) of KoreLogic, Inc.",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.korelogic.com/Resources/Advisories/KL-001-2017-001.txt",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-01963",
  "openTime": "2017-02-25",
  "patchDescription": "Trend Micro InterScan Web Security Virtual Appliance\uff08IWSVA\uff09\u662f\u7f8e\u56fd\u8d8b\u52bf\u79d1\u6280\uff08Trend Micro\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u9488\u5bf9\u57fa\u4e8eWeb\u65b9\u5f0f\u7684\u5a01\u80c1\u4e3a\u4f01\u4e1a\u7f51\u7edc\u63d0\u4f9b\u52a8\u6001\u7684\u3001\u96c6\u6210\u5f0f\u7684\u5b89\u5168\u4fdd\u62a4\u7684Web\u5b89\u5168\u7f51\u5173\u3002\r\n\r\nTrend Micro IWSVA 6.5\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7Patch Update\u529f\u80fd\uff0c\u4ee5root\u6743\u9650\u8fd0\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Trend Micro InterScan Web Security Virtual Appliance\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Trend Micro InterScan Web Security Virtual Appliance 6.5"
  },
  "referenceLink": "http://www.securityfocus.com/bid/96252",
  "serverity": "\u9ad8",
  "submitTime": "2017-02-17",
  "title": "Trend Micro InterScan Web Security Virtual Appliance\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2016-9269 (GCVE-0-2016-9269)

Vulnerability from cvelistv5

Published

2017-02-21 07:46

Modified

2024-08-06 02:42

Severity ?

CWE

Summary

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/96252	vdb-entry, x_refsource_BID
	https://success.trendmicro.com/solution/1116672	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037849	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:42:11.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "96252",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96252"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/1116672"
          },
          {
            "name": "1037849",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037849"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-24T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "96252",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96252"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://success.trendmicro.com/solution/1116672"
        },
        {
          "name": "1037849",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037849"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-9269",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "96252",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96252"
            },
            {
              "name": "https://success.trendmicro.com/solution/1116672",
              "refsource": "CONFIRM",
              "url": "https://success.trendmicro.com/solution/1116672"
            },
            {
              "name": "1037849",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037849"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-9269",
    "datePublished": "2017-02-21T07:46:00",
    "dateReserved": "2016-11-10T00:00:00",
    "dateUpdated": "2024-08-06T02:42:11.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted