Vulnerability Description
Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trendmicro | Interscan Web Security Suite | 3.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33867Vendor Advisory
- http://www.securitytracker.com/id?1021694
- http://www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0369
- http://secunia.com/advisories/33867Vendor Advisory
- http://www.securitytracker.com/id?1021694
- http://www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0369
FAQ
What is CVE-2009-0613?
CVE-2009-0613 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configurat...
How severe is CVE-2009-0613?
CVE-2009-0613 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0613?
Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Interscan Web Security Suite.