CVE-2017-11396
HIGHTrend Micro Web Security Virtual Appliance 6.5 - Code Injection
Title source: llmDescription
Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.
References (1)
Core 1
Core References
Mitigation, Patch, Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1117412
Scores
CVSS v3
7.2
EPSS
0.0088
EPSS Percentile
75.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
Trend Micro/InterScan Web Security Virtual Appliance
6.5
trendmicro/interscan_web_security_virtual_appliance
6.5
Published
Sep 22, 2017
Tracked Since
Feb 18, 2026