Vulnerability Description
An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.
CVSS Score
6.5
MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trendmicro | Email Encryption Gateway | 5.5 |
Related Weaknesses (CWE)
References
- https://success.trendmicro.com/solution/1119349Vendor Advisory
- https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-mulExploitTechnical DescriptionThird Party Advisory
- https://www.exploit-db.com/exploits/44166/ExploitThird Party AdvisoryVDB Entry
- https://success.trendmicro.com/solution/1119349Vendor Advisory
- https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-mulExploitTechnical DescriptionThird Party Advisory
- https://www.exploit-db.com/exploits/44166/ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2018-6219?
CVE-2018-6219 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.
How severe is CVE-2018-6219?
CVE-2018-6219 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6219?
Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Email Encryption Gateway.