Information Disclosure Flaw in Trend Micro InterScan Messaging Security Virtual Appliance
CVE-2020-27019

5.5MEDIUM

Key Information:

Vendor: Trend Micro
Status: Trend Micro Interscan Messaging Security Virtual Appliance (imsva)
Vendor: CVE Published:; 9 November 2020

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2020-27019?

The Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) version 9.1 is susceptible to an information disclosure vulnerability. This flaw allows attackers to potentially retrieve sensitive database information and cryptographic keys, which could lead to unauthorized access to confidential data. Organizations using this product should assess their systems to mitigate the risks associated with this vulnerability.

Affected Version(s)

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1

References

https://success.trendmicro.com/solution/000279833

x_refsource_MISC

https://sec-consult.com/en/blog/advisories/vulnerabilitie...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 9, 2020
Vulnerability Reserved
Oct 12, 2020