SB2017121606 - Multiple vulnerabilities in ScanMail


Published: December 16, 2017 Updated: August 8, 2020

Security Bulletin ID: SB2017121606
Severity: High
Patch available: Yes
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

High: 50% (2 of 4), Medium: 25% (1 of 4), Low: 25% (1 of 4), Critical: 0%

Description

This security bulletin contains information about 4 security vulnerabilities.


1) Inadequate Encryption Strength (CVE-ID: CVE-2017-14090)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted.


2) Insufficient verification of data authenticity (CVE-ID: CVE-2017-14091)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain installations that use an uncommon feature (Other Update Sources) could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.


3) Cross-site request forgery (CVE-ID: CVE-2017-14092)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The absence of anti-CSRF tokens in the Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests on behalf of an authenticated user who browses an attacker-controlled domain.


4) Cross-site scripting (CVE-ID: CVE-2017-14093)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross-site scripting (XSS) attacks.


Remediation

Install the update from the vendor's website.