Vulnerability in Trend Micro Password Manager
CVE-2019-19696
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL cer…
EPSS: 0.005 (37.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Trend Micro Password Manager — versions 5.0.0.1076 and below (Windows) and 5.0.1047 and below (Mac)
- Trendmicro Password_manager
Weakness classification (CWE)
References
- security@trendmicro.com (x_refsource_MISC, Vendor Advisory)
- security@trendmicro.com (Third Party Advisory, x_refsource_MISC)
- security@trendmicro.com (x_refsource_MISC, Vendor Advisory)
- security@trendmicro.com (Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2019-19696?
- CVE-2019-19696 is a medium-severity vulnerability in Trend Micro Password Manager, classified under Insufficiently Protected Credentials. CVSS score: 5.5/10. Published 2020-01-18.
- How severe is CVE-2019-19696?
- Medium severity. CVSS v3 base score is 5.5 out of 10.