Trendmicro Interscan_web_security_virtual_appliance
29 CVEs affecting Trendmicro Interscan_web_security_virtual_appliance. Latest disclosed: 2024-06-10. Critical: 5, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-9269 | Critical | 9.9 | 2017-02-21 | Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linu… |
CVE-2020-8466 | Critical | 9.8 | 2020-12-17 | A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could all… |
CVE-2020-8465 | Critical | 9.8 | 2020-12-17 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSR… |
CVE-2020-28578 | Critical | 9.8 | 2020-11-18 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTT… |
CVE-2020-8606 | Critical | 9.8 | 2020-05-27 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Tr… |
CVE-2020-8461 | High | 8.8 | 2020-12-17 | A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to sen… |
CVE-2020-28579 | High | 8.8 | 2020-11-18 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP… |
CVE-2020-8605 | High | 8.8 | 2020-05-27 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Aut… |
CVE-2019-9490 | High | 8.8 | 2019-04-05 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentia… |
CVE-2016-9315 | High | 8.8 | 2017-02-21 | Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) ve… |
CVE-2016-9314 | High | 7.8 | 2017-02-21 | Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Bui… |
CVE-2020-8464 | High | 7.5 | 2020-12-17 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost… |
CVE-2020-8463 | High | 7.5 | 2020-12-17 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous us… |
CVE-2020-8604 | High | 7.5 | 2020-05-27 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installati… |
CVE-2020-28581 | High | 7.2 | 2020-11-18 | A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attack… |
CVE-2020-28580 | High | 7.2 | 2020-11-18 | A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker… |
CVE-2017-11396 | High | 7.2 | 2017-09-22 | Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who al… |
CVE-2017-6339 | Medium | 6.5 | 2017-04-05 | Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by defaul… |
CVE-2017-6338 | Medium | 6.5 | 2017-04-05 | Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low… |
CVE-2020-8603 | Medium | 6.1 | 2020-05-27 | A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web inter… |