Server-Side Request Forgery Vulnerability in Trend Micro Control Manager
CVE-2018-10511

10CRITICAL

Key Information:

Vendor: Trend Micro
Status: Trend Micro Control Manager
Vendor: CVE Published:; 15 August 2018

Summary

A vulnerability exists in Trend Micro Control Manager, specifically in versions 6.0 and 7.0, that could allow an attacker to execute a server-side request forgery (SSRF) attack. This type of attack could potentially enable unauthorized access to internal services and sensitive information, posing significant risks to the integrity of the affected systems.

Affected Version(s)

Trend Micro Control Manager 6.0 and 7.0

References

https://success.trendmicro.com/solution/1120112

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 15, 2018
Vulnerability Reserved
Apr 27, 2018