Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Trend Micro Deep Discovery Inspector by Trend Micro

    CVE-2018-15365 (GCVE-0-2018-15365)

    Vulnerability from nvd – Published: 2018-09-28 17:00 – Updated: 2024-08-05 09:54
    VLAI
    Summary
    A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
    Severity
    No CVSS data available.
    CWE
    • Reflected XSS
    Assigner
    References
    Impacted products
    Date Public
    2018-09-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:54:03.557Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://success.trendmicro.com/solution/1121079"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/nixwizard/CVE-2018-15365/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Trend Micro Deep Discovery Inspector",
              "vendor": "Trend Micro",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.85"
                }
              ]
            }
          ],
          "datePublic": "2018-09-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reflected XSS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-28T16:57:01.000Z",
            "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
            "shortName": "trendmicro"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://success.trendmicro.com/solution/1121079"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/nixwizard/CVE-2018-15365/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@trendmicro.com",
              "ID": "CVE-2018-15365",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Trend Micro Deep Discovery Inspector",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "3.85"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Trend Micro"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Reflected XSS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://success.trendmicro.com/solution/1121079",
                  "refsource": "CONFIRM",
                  "url": "https://success.trendmicro.com/solution/1121079"
                },
                {
                  "name": "https://github.com/nixwizard/CVE-2018-15365/",
                  "refsource": "MISC",
                  "url": "https://github.com/nixwizard/CVE-2018-15365/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "assignerShortName": "trendmicro",
        "cveId": "CVE-2018-15365",
        "datePublished": "2018-09-28T17:00:00.000Z",
        "dateReserved": "2018-08-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T09:54:03.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-15365 (GCVE-0-2018-15365)

    Vulnerability from cvelistv5 – Published: 2018-09-28 17:00 – Updated: 2024-08-05 09:54
    VLAI
    Summary
    A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
    Severity
    No CVSS data available.
    CWE
    • Reflected XSS
    Assigner
    References
    Impacted products
    Date Public
    2018-09-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:54:03.557Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://success.trendmicro.com/solution/1121079"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/nixwizard/CVE-2018-15365/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Trend Micro Deep Discovery Inspector",
              "vendor": "Trend Micro",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.85"
                }
              ]
            }
          ],
          "datePublic": "2018-09-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Reflected XSS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-28T16:57:01.000Z",
            "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
            "shortName": "trendmicro"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://success.trendmicro.com/solution/1121079"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/nixwizard/CVE-2018-15365/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@trendmicro.com",
              "ID": "CVE-2018-15365",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Trend Micro Deep Discovery Inspector",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "3.85"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Trend Micro"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Reflected XSS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://success.trendmicro.com/solution/1121079",
                  "refsource": "CONFIRM",
                  "url": "https://success.trendmicro.com/solution/1121079"
                },
                {
                  "name": "https://github.com/nixwizard/CVE-2018-15365/",
                  "refsource": "MISC",
                  "url": "https://github.com/nixwizard/CVE-2018-15365/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "assignerShortName": "trendmicro",
        "cveId": "CVE-2018-15365",
        "datePublished": "2018-09-28T17:00:00.000Z",
        "dateReserved": "2018-08-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T09:54:03.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }