CVE-2016-8584

CWE-284Improper Access Control3 documents3 sources
Severity
9.8CRITICAL
EPSS
4.1%
top 11.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Threat Discovery Appliance
Timeline
PublishedApr 28
Latest updateMay 17

Description

Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5x2h-h4hh-q668: Trend Micro Threat Discovery Appliance 22022-05-17
CVEList
CVE-2016-8584: Trend Micro Threat Discovery Appliance 22017-04-28
CVE-2016-8584 (CRITICAL CVSS 9.8) | Trend Micro Threat Discovery Applia | cvebase.io