CVE-2015-2873

Trend Micro Deep Discovery Inspector <3.5.1477-<3.8.1263 - Info Dis...

Title source: llm

Description

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions allows remote attackers to obtain sensitive information or change the configuration via a direct request to the (1) system log URL, (2) whitelist URL, or (3) blacklist URL.

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/76396

[Patch, Vendor Advisory] http://esupport.trendmicro.com/solution/en-US/1112206.aspx

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/248692

Scores

EPSS 0.0254

EPSS Percentile 85.5%

Details

CWE

CWE-425

Status published

Products (4)

trendmicro/deep_discovery_inspector 3.5 (3 CPE variants)

trendmicro/deep_discovery_inspector 3.6

trendmicro/deep_discovery_inspector 3.7 (3 CPE variants)

trendmicro/deep_discovery_inspector 3.8 (2 CPE variants)

Published Aug 23, 2015

Tracked Since Feb 18, 2026