CVE-2017-14092

CVE-2017-14092

EPSS 0.9%

The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://success.trendmicro.com/solution/1118486 https://www.coresecurity.com/advisories/trend-micro-scanmail-microsoft-exchange-multiple-vulnerabilities