CVE-2001-1151Micro Officescan vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.1%
top 21.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro OfficescanTrend Micro Virus Buster
Timeline
PublishedOct 15
Latest updateApr 30

Description

Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDtrend_micro/virus_bustercorporate_3.53
NVDtrend_micro/officescancorporate_3.53

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-fj5w-mc7h-wqh5: Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 32022-04-30
CVEList
CVE-2001-1151: Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 32002-03-15
CVE-2001-1151 — Trend Micro Officescan vulnerability | cvebase