What is CVE-2016-6269?

CVE-2016-6269 is a critical-severity vulnerability in Trendmicro Smart_protection_server, classified under Path Traversal. CVSS score: 9.1/10. Published 2017-01-30.

How severe is CVE-2016-6269?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Path Traversal in Trendmicro Smart_protection_server

CVE-2016-6269

Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname paramete…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.019 (83.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Trendmicro Smart_protection_server — versions 2.5, 2.6, 3.0
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cve@mitre.org (Technical Description, Exploit, Third Party Advisory, x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Patch, Mitigation, Vendor Advisory)

Frequently asked questions

What is CVE-2016-6269?: CVE-2016-6269 is a critical-severity vulnerability in Trendmicro Smart_protection_server, classified under Path Traversal. CVSS score: 9.1/10. Published 2017-01-30.
How severe is CVE-2016-6269?: Critical severity. CVSS v3 base score is 9.1 out of 10.