CVE-2015-2873

Trend Micro Deep Discovery Inspector <3.5.1477-<3.8.1263 - Info Dis...

Title source: llm

Description

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions allows remote attackers to obtain sensitive information or change the configuration via a direct request to the (1) system log URL, (2) whitelist URL, or (3) blacklist URL.

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/76396

Patch, Vendor Advisory x_refsource_confirm

http://esupport.trendmicro.com/solution/en-US/1112206.aspx

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/248692

Scores

EPSS 0.0267

EPSS Percentile 83.8%

Details

CWE

CWE-425

Status published

Products (4)

trendmicro/deep_discovery_inspector 3.5 (3 CPE variants)

trendmicro/deep_discovery_inspector 3.6

trendmicro/deep_discovery_inspector 3.7 (3 CPE variants)

trendmicro/deep_discovery_inspector 3.8 (2 CPE variants)

Published Aug 23, 2015

Tracked Since Feb 18, 2026