SB2017082201 - Security restrictions bypass in Trend Micro Threat Discovery Appliance
Published: August 22, 2017
Security Bulletin ID
SB2017082201
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Security restrictions bypass (CVE-ID: CVE-2016-7552)
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Green
The vulnerability allows a remote attacker to conduct a directory traversal attack on the target system.
The weakness exists in the logoff.cgi script due to improper processing of a session_id cookie. A remote attacker can send specially crafted data, delete arbitrary files in the logoff.cgi script, reset the administrator password to 'admin' if the system is rebooted and bypass authentication restrictions or cause DoS condition.
Successful exploitation of the vulnerability may result in system crash.
Remediation
Install update from vendor's website.