CVE-2020-27018 - OpenCVE

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Trendmicro	Interscan Messaging Security Virtual Appliance

Configuration 1 [-]

AND

cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/	Exploit Third Party Advisory
https://success.trendmicro.com/solution/000279833	Exploit Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: trendmicro

Published: 2020-11-09T23:10:34

Updated: 2020-11-09T23:10:34

Reserved: 2020-10-12T00:00:00

Link: CVE-2020-27018

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-11-09T23:15:12.223

Modified: 2020-11-24T18:26:14.930

Link: CVE-2020-27018

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"containers": {"cna": {"affected": [{"product": "Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA)", "vendor": "Trend Micro", "versions": [{"status": "affected", "version": "9.1"}]}], "descriptions": [{"lang": "en", "value": "Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability."}], "problemTypes": [{"descriptions": [{"description": "SSRF", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-09T23:10:34", "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://success.trendmicro.com/solution/000279833"}, {"tags": ["x_refsource_MISC"], "url": "https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@trendmicro.com", "ID": "CVE-2020-27018", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA)", "version": {"version_data": [{"version_value": "9.1"}]}}]}, "vendor_name": "Trend Micro"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "SSRF"}]}]}, "references": {"reference_data": [{"name": "https://success.trendmicro.com/solution/000279833", "refsource": "MISC", "url": "https://success.trendmicro.com/solution/000279833"}, {"name": "https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/", "refsource": "MISC", "url": "https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/"}]}}}}, "cveMetadata": {"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "assignerShortName": "trendmicro", "cveId": "CVE-2020-27018", "datePublished": "2020-11-09T23:10:34", "dateReserved": "2020-10-12T00:00:00", "dateUpdated": "2020-11-09T23:10:34", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "B200642A-40B5-46AD-815B-C844CBFF5EC2", "versionEndIncluding": "9.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability."}, {"lang": "es", "value": "Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versi\u00f3n 9.1, es susceptible a una vulnerabilidad de tipo server side request forgery que podr\u00eda permitir a un atacante autenticado abusar del servidor web del producto y otorgar acceso a recursos web o partes de archivos locales. Un atacante ya debe haber obtenido privilegios autenticados en el producto para explotar esta vulnerabilidad"}], "id": "CVE-2020-27018", "lastModified": "2020-11-24T18:26:14.930", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-09T23:15:12.223", "references": [{"source": "security@trendmicro.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/"}, {"source": "security@trendmicro.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000279833"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}