Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-14084Micro Officescan vulnerability

4 documents4 sources
Severity
8.1HIGHNVD
EPSS
7.9%
top 7.94%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Trend Micro OfficescanTrendmicro Officescan
Timeline
PublishedOct 6
Latest updateMay 13

Description

A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

NVDtrendmicro/officescan11.0, 12.0+1
CVEListV5trend_micro/trend_micro_officescan11.0, XG (12.0)

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-34vc-6r3v-hm8r: A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 112022-05-13
CVEList
CVE-2017-14084: A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 112017-10-05

💥Exploits & PoCs

1
Exploit-DB
Trend Micro OfficeScan 11.0/XG (12.0) - Man In The Middle Remote Code Execution2017-09-28
CVE-2017-14084 — Trend Micro Officescan vulnerability | cvebase