Trendmicro Threat_discovery_appliance
12 CVEs affecting Trendmicro Threat_discovery_appliance. Latest disclosed: 2017-04-28. Critical: 3, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-8584 | Critical | 9.8 | 2017-04-28 | Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessi… |
CVE-2016-7552 | Critical | 9.8 | 2017-04-12 | On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to… |
CVE-2016-7547 | Critical | 9.8 | 2017-04-12 | A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface. |
CVE-2016-8593 | High | 8.8 | 2017-04-28 | Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute a… |
CVE-2016-8592 | High | 8.8 | 2017-04-28 | log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root u… |
CVE-2016-8591 | High | 8.8 | 2017-04-28 | log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via… |
CVE-2016-8590 | High | 8.8 | 2017-04-28 | log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user… |
CVE-2016-8589 | High | 8.8 | 2017-04-28 | log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user… |
CVE-2016-8586 | High | 8.8 | 2017-04-28 | detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as th… |
CVE-2016-8585 | High | 8.8 | 2017-04-28 | admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root use… |
CVE-2016-8588 | High | 7.3 | 2017-04-28 | The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell me… |
CVE-2016-8587 | High | 7.3 | 2017-04-28 | dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archi… |