Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-6340Cross-site Scripting in Interscan WEB Security Virtual Appliance

CWE-79Cross-site Scripting4 documents4 sources
Severity
5.4MEDIUMNVD
EPSS
0.2%
top 54.44%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Trendmicro Interscan WEB Security Virtual Appliance
Timeline
PublishedApr 5
Latest updateMay 17

Description

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements incorrect access control that allows any authenticated, remote user (even with low privileges like 'Auditor') to create or modify reports, and consequently take advantage of this XSS vulnerability. The JavaScript is executed when v

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages1 packages

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-v737-x8qm-mgf3: Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 62022-05-17
CVEList
CVE-2017-6340: Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 62017-04-05

💥Exploits & PoCs

1
Exploit-DB
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 - Multiple Vulnerabilities2017-01-12
CVE-2017-6340 — Cross-site Scripting in Trendmicro | cvebase