CVE-2017-6398OS Command Injection in Interscan Messaging Security Virtual Appliance

CWE-78OS Command Injection3 documents3 sources
Severity
8.8HIGHNVD
EPSS
64.6%
top 1.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Interscan Messaging Security Virtual Appliance
Timeline
PublishedMar 14
Latest updateMay 13

Description

An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator credentials. The saveCert.imss endpoint takes several user inputs and performs blacklisting. After that, it uses them as arguments to a predefined operating-system command without proper sanitization. However, because

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-w5hc-4jjm-xx8x: An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 92022-05-13
CVEList
CVE-2017-6398: An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 92017-03-14
CVE-2017-6398 — OS Command Injection in Trendmicro | cvebase