CVE-2007-1169Micro Serverprotect vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 49.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trend Micro Serverprotect
Timeline
PublishedMar 2
Latest updateMay 1

Description

The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDtrend_micro/serverprotect1.25_2007-02-16

Patches

Patch: www.trendmicro.comPatch: www.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-2245-5h8g-6r6m: The web interface in Trend Micro ServerProtect for Linux (SPLX) 12022-05-01
CVEList
CVE-2007-1169: The web interface in Trend Micro ServerProtect for Linux (SPLX) 12007-02-28
CVE-2007-1169 — Trend Micro Serverprotect vulnerability | cvebase