Trend Micro Interscan Web Security Virtual Appliance vulnerabilities

CVE-2019-9490 [HIGH] CVE-2019-9490: A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.

CVE-2017-11396 [HIGH] CVE-2017-11396: Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.