CVE-2019-9490

EUVD-2019-18864
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
trendmicrointerscan_web_security_virtual_appliance
6.5:sp2
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/107848
https://success.trendmicro.com/solution/1122326
http://www.securityfocus.com/bid/107848
https://success.trendmicro.com/solution/1122326