A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console.
References
Link | Resource |
---|---|
https://success.trendmicro.com/solution/1117663 | Patch Vendor Advisory |
https://www.coresecurity.com/advisories/trend-micro-deep-discovery-director-multiple-vulnerabilities | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2017-08-01 15:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-11381
Mitre link : CVE-2017-11381
CVE.ORG link : CVE-2017-11381
JSON object : View
Products Affected
trendmicro
- deep_discovery_director
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')