Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Trendmicro Subscribe
Filtered by product Interscan Web Security Virtual Appliance

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8606 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2022-06-02 7.5 HIGH 9.8 CRITICAL
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.
CVE-2020-8465 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2021-07-21 10.0 HIGH 9.8 CRITICAL
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
CVE-2020-8466 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2021-07-21 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password.
CVE-2020-28578 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2020-11-30 7.5 HIGH 9.8 CRITICAL
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
CVE-2016-9269 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2017-07-25 9.0 HIGH 9.9 CRITICAL
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737.