CVE-2016-4351
CRITICALTrend Micro Email Encryption Gateway <5.5 - SQL Injection
Title source: llmDescription
SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-16-248
Vendor Advisory x_refsource_confirm
https://esupport.trendmicro.com/solution/en-US/1114060.aspx
Scores
CVSS v3
9.8
EPSS
0.0077
EPSS Percentile
73.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
trendmicro/email_encryption_gateway
< 5.5
Published
May 05, 2016
Tracked Since
Feb 18, 2026