CVE-2017-5481Sensitive Information Exposure in Officescan

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.5%
top 35.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Officescan
Timeline
PublishedMay 3
Latest updateMay 13

Description

Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDtrendmicro/officescan11.0, 12.0+1

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-6q22-m5m2-9cph: Trend Micro OfficeScan 112022-05-13
CVEList
CVE-2017-5481: Trend Micro OfficeScan 112017-05-03
CVE-2017-5481 — Sensitive Information Exposure | cvebase