mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
956 B
956 B
CVE-2017-11398
&color=blue)
&color=brighgreen)
Description
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.
POC
Reference
- https://www.coresecurity.com/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities
- https://www.exploit-db.com/exploits/43388/