Lucene search

[email protected]NVD:CVE-2009-0613

HistoryFeb 17, 2009 - 5:30 p.m.

CVE-2009-0613

2009-02-1717:30:06

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.002

Percentile

61.6%

JSON

Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages.

Affected configurations

Nvd

Node

trendmicrointerscan_web_security_suiteMatch3.1

VendorProductVersionCPE
trendmicrointerscan_web_security_suite3.1cpe:2.3:a:trendmicro:interscan_web_security_suite:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
trendmicro	interscan_web_security_suite	3.1	cpe:2.3:a:trendmicro:interscan_web_security_suite:3.1:::::::*

References

secunia.com/advisories/33867

www.securitytracker.com/id?1021694

www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237_EN.txt

www.vupen.com/english/advisories/2009/0369

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.002

Percentile

61.6%

JSON

Related for NVD:CVE-2009-0613

nessus1 prion1 cve1 cvelist1