Advisory Details

November 6th, 2014

Trend Micro InterScan Web Security Virtual Appliance Information Disclosure Vulnerability

ZDI-14-373
ZDI-CAN-2369

CVE ID CVE-2014-8510
CVSS SCORE 6.5, (AV:N/AC:L/Au:S/C:P/I:P/A:P)
AFFECTED VENDORS Trend Micro
AFFECTED PRODUCTS InterScan Web Security
TREND MICRO CUSTOMER PROTECTION Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 13855. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
VULNERABILITY DETAILS


This vulnerability allows remote attackers to read files from the underlying operating system on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance web application authentication is required to exploit this vulnerability.

The specific flaw exists within multiple areas of the AdminUI. The issue lies in the handling of configuration input due to a failure to safely sanitize user data before saving filters. An attacker could leverage this vulnerability to read any file to which the web app has read access.

ADDITIONAL DETAILS


Vendor has released a hotfix to address the issue: IWSVA 6.0 HF build 1244


DISCLOSURE TIMELINE
  • 2014-06-12 - Vulnerability reported to vendor
  • 2014-11-06 - Coordinated public release of advisory
CREDIT Brandon Perry
BACK TO ADVISORIES