CVE-2018-6219

Опубликовано: 15 мар. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 6.4

EPSS Низкий

Описание

An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.

Ссылки

https://success.trendmicro.com/solution/1119349
Vendor Advisory
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Exploit
Technical Description
Third Party Advisory
https://www.exploit-db.com/exploits/44166/
Exploit
Third Party Advisory
VDB Entry
https://success.trendmicro.com/solution/1119349
Vendor Advisory
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Exploit
Technical Description
Third Party Advisory
https://www.exploit-db.com/exploits/44166/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trendmicro:email_encryption_gateway:5.5:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01426

Низкий

6.5 Medium

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

GHSA-rhmq-q9gr-p7x8