Local Credential Exposure in TrendMicro ScanMail for Exchange
CVE-2001-0586

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Scanmail Exchange
Vendor: CVE Published:; 22 August 2001

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2001-0586?

A vulnerability in TrendMicro ScanMail for Exchange 3.5 permits local attackers to retrieve sensitive administrative credentials. This issue arises due to the storage of unprotected registry keys and the use of weak encryption for passwords, allowing unauthorized access by exploiting these deficiencies. Securing the registry and enhancing password encryption are vital steps to mitigating this risk.

References

http://www.osvdb.org/5581

vdb-entryx_refsource_OSVDB

http://archives.neohapsis.com/archives/ntbugtraq/2001-q1/...

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/6311

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2001
Vulnerability Reserved
Jul 27, 2001