Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).
References
Link | Resource |
---|---|
https://success.trendmicro.com/solution/1122900 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trendmicro
Published: 2019-09-11T18:00:08
Updated: 2019-09-11T18:00:08
Reserved: 2019-03-01T00:00:00
Link: CVE-2019-9488
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-09-11T18:15:10.817
Modified: 2019-09-13T21:11:22.063
Link: CVE-2019-9488
JSON object: View
Redhat Information
No data.
CWE