Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability.
References
Link | Resource |
---|---|
https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/ | Exploit Third Party Advisory |
https://success.trendmicro.com/solution/000279833 | Exploit Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trendmicro
Published: 2020-11-09T23:10:34
Updated: 2020-11-09T23:10:34
Reserved: 2020-10-12T00:00:00
Link: CVE-2020-27018
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-09T23:15:12.223
Modified: 2020-11-24T18:26:14.930
Link: CVE-2020-27018
JSON object: View
Redhat Information
No data.
CWE