CVE-2017-14091

CWE-3453 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 51.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro Trend Micro Scanmail FOR ExchangeTrendmicro Scanmail
Timeline
PublishedDec 16
Latest updateMay 14

Description

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-vv38-4298-rc55: A vulnerability in Trend Micro ScanMail for Exchange 122022-05-14
CVEList
CVE-2017-14091: A vulnerability in Trend Micro ScanMail for Exchange 122017-12-15
CVE-2017-14091 (HIGH CVSS 7.5) | A vulnerability in Trend Micro Scan | cvebase.io