CVE-2020-8464
HIGHTrend Micro InterScan Web Security Virtual Appliance 6.5 SP2 - SSRF
Title source: llmDescription
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://success.trendmicro.com/solution/000283077
Exploit, Third Party Advisory x_refsource_misc
https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-trend-micro-interscan-web-security-virtual-appliance/
Scores
CVSS v3
7.5
EPSS
0.0064
EPSS Percentile
70.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-918
Status
published
Products (1)
trendmicro/interscan_web_security_virtual_appliance
6.5 sp2
Published
Dec 17, 2020
Tracked Since
Feb 18, 2026