CVE-2020-8606

EUVD-2020-29454
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Affected Products (NVD)
VendorProductVersion
trendmicrointerscan_web_security_virtual_appliance
6.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance-Remote-Code-Execution.html
http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html
https://success.trendmicro.com/solution/000253095
https://www.zerodayinitiative.com/advisories/ZDI-20-677/
http://packetstormsecurity.com/files/158171/Trend-Micro-Web-Security-Virtual-Appliance-Remote-Code-Execution.html
http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html
https://success.trendmicro.com/solution/000253095
https://www.zerodayinitiative.com/advisories/ZDI-20-677/