|CVSS SCORE||10.0, (AV:N/AC:L/Au:N/C:C/I:C/A:C)|
Smart Protection Server
The specific flaw exists within the handling of credentials provided at login. When parsing the username, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.
Trend Micro has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Alain Homewood (Insomnia Security)