Trendmicro Interscan_web_security_virtual_appliance

29 CVEs affecting Trendmicro Interscan_web_security_virtual_appliance. Latest disclosed: 2024-06-10. Critical: 5, High: 12.

Top CVEs affecting Trendmicro Interscan_web_security_virtual_appliance
CVESeverityScorePublishedSummary
CVE-2016-9269Critical9.92017-02-21Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linu…
CVE-2020-8466Critical9.82020-12-17A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could all…
CVE-2020-8465Critical9.82020-12-17A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSR…
CVE-2020-28578Critical9.82020-11-18A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTT…
CVE-2020-8606Critical9.82020-05-27A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Tr…
CVE-2020-8461High8.82020-12-17A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to sen…
CVE-2020-28579High8.82020-11-18A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP…
CVE-2020-8605High8.82020-05-27A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Aut…
CVE-2019-9490High8.82019-04-05A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentia…
CVE-2016-9315High8.82017-02-21Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) ve…
CVE-2016-9314High7.82017-02-21Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Bui…
CVE-2020-8464High7.52020-12-17A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost…
CVE-2020-8463High7.52020-12-17A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous us…
CVE-2020-8604High7.52020-05-27A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installati…
CVE-2020-28581High7.22020-11-18A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attack…
CVE-2020-28580High7.22020-11-18A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker…
CVE-2017-11396High7.22017-09-22Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who al…
CVE-2017-6339Medium6.52017-04-05Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by defaul…
CVE-2017-6338Medium6.52017-04-05Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low…
CVE-2020-8603Medium6.12020-05-27A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web inter…