CVE-2016-9314

by Fred · 21/02/2017

Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto their local machine. This backup file contains sensitive information like passwd/shadow files, RSA certificates, Private Keys and Default Passphrase, etc. This was resolved in Version 6.5 CP 1737.

Date published : 2017-02-21

http://www.securityfocus.com/bid/96252

https://success.trendmicro.com/solution/1116672

CVE-2016-9314

Similar

Recent Posts

Categories

CVE-2016-9314

Share this:

Similar

Recent Posts

Categories

Tags