CVE-2018-6220

Опубликовано: 15 мар. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject arbitrary data, which may lead to gaining code execution on vulnerable systems.

Ссылки

https://success.trendmicro.com/solution/1119349
Patch
Vendor Advisory
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Exploit
Technical Description
Third Party Advisory
https://www.exploit-db.com/exploits/44166/
Exploit
Third Party Advisory
VDB Entry
https://success.trendmicro.com/solution/1119349
Patch
Vendor Advisory
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Exploit
Technical Description
Third Party Advisory
https://www.exploit-db.com/exploits/44166/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trendmicro:email_encryption_gateway:5.5:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.096

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-5jhv-4759-qhgg