admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 01:31:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2020/CVE-2020-27018.md

18 lines
1002 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2020-27018](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27018)
![](https://img.shields.io/static/v1?label=Product&message=Trend%20Micro%20InterScan%20Messaging%20Security%20Virtual%20Appliance%20(IMSVA)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=SSRF&color=brighgreen)
### Description
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability.
### POC
#### Reference
- https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/
#### Github
No PoCs found on GitHub currently.
Reference in New Issue Copy Permalink