SSRF in Trend Micro Interscan Web Security Virtual Appliance

CVE-2020-8464

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normall…

Vulnerability class: SSRF (Server-Side Request Forgery)

EPSS: 0.063 (92.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2020-8464?
CVE-2020-8464 is a high-severity vulnerability in Trend Micro Interscan Web Security Virtual Appliance, classified under Server-Side Request Forgery (SSRF). CVSS score: 7.5/10. Published 2020-12-17.
How severe is CVE-2020-8464?
High severity. CVSS v3 base score is 7.5 out of 10.