CVE-2024-46902

CWE-89SQL Injection3 documents3 sources
Severity
9.1CRITICAL
EPSS
0.4%
top 39.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro, Inc. Trend Micro Deep Discovery InspectorTrendmicro Deep Discovery Inspector
Timeline
PublishedOct 22

Description

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.7 | Impact: 6.0

Affected Packages2 packages

CVEListV5trend_micro,_inc./trend_micro_deep_discovery_inspector5.8, 6.6, 6.76.6.1097, 6.7.1107

🔴Vulnerability Details

2
CVEList
CVE-2024-46902: A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 52024-10-22
GHSA
GHSA-8fx5-jxm5-jcpr: A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 52024-10-22
CVE-2024-46902 (CRITICAL CVSS 9.1) | A vulnerability in Trend Micro Deep | cvebase.io