CVE-2020-8466

CVE-2020-8466

EPSS 63.7%

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password.

Productos afectados

Trend Micro · Trend Micro InterScan Web Security Virtual Appliance

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-trend-micro-interscan-web-security-virtual-appliance/https://success.trendmicro.com/solution/000283077