Cross-Site Scripting Vulnerability in Trend Micro InterScan Web Security Appliance
CVE-2020-8462

4.8MEDIUM

Key Information:

Vendor
Trend Micro
Status
Trend Micro Interscan Web Security Virtual Appliance
Vendor
CVE Published:
17 December 2020

Summary

A cross-site scripting vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, potentially allowing attackers to manipulate the web interface. If exploited, this vulnerability could lead to unauthorized actions and data exposure, posing significant security risks for users. It is crucial for organizations to update their systems and implementstrong security measures to mitigate such risks.

Affected Version(s)

Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2

References

https://success.trendmicro.com/solution/000283077
x_refsource_MISC
https://sec-consult.com/vulnerability-lab/advisory/multip...
x_refsource_MISC

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.