CVE-2017-6398
Summary
| CVE | CVE-2017-6398 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-03-14 09:59:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). In addition, the default installation of IMSVA ships with default administrator credentials. The saveCert.imss endpoint takes several user inputs and applies a blacklist to them. It then uses them as arguments to a predefined operating-system command without proper sanitization. Because the blacklisting rule is improper, it is possible to inject arbitrary commands into that command. |
Risk And Classification
Problem Types: CWE-78 | NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Trendmicro | Interscan Messaging Security Virtual Appliance | 9.1-1600 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Trend Micro InterScan Messaging Security CVE-2017-6398 Remote Code Execution Vulnerability | BID | www.securityfocus.com | |
| Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution | MISC | www.rapid7.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.