CVE-2017-11396

Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.

Published: Sep 22, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-11396
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
trendmicro / interscan_web_security_virtual_appliance	6.5	6.5.x

https://success.trendmicro.com/solution/1117412

Vulnerability Database

290,020

CVE-2017-11396