CVE-2019-9490 — HIGH (8.8) — White Hats Nepal

Vulnerability Description

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.

CVSS Score

8.8

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Trendmicro	Interscan Web Security Virtual Appliance	6.5

References

http://www.securityfocus.com/bid/107848
https://success.trendmicro.com/solution/1122326Vendor Advisory
http://www.securityfocus.com/bid/107848
https://success.trendmicro.com/solution/1122326Vendor Advisory

FAQ

What is CVE-2019-9490?

CVE-2019-9490 is a vulnerability with a CVSS score of 8.8 (HIGH). A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated ...

How severe is CVE-2019-9490?

CVE-2019-9490 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-9490?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Interscan Web Security Virtual Appliance.