Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto their local machine. This backup file contains sensitive information like passwd/shadow files, RSA certificates, Private Keys and Default Passphrase, etc. This was resolved in Version 6.5 CP 1737.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trend Micro InterScan Web Security Virtual Appliance 信息泄露漏洞
Vulnerability Description
Trend Micro InterScan Web Security Virtual Appliance(IWSVA)是美国趋势科技(Trend Micro)公司的一款针对基于Web方式的威胁为企业网络提供动态的、集成式的安全保护的Web安全网关。 Trend Micro IWSVA 6.5-SP2_Build_Linux_1707及之前的版本中的com.trend.iwss.gui.servlet.ConfigBackup存在信息泄露漏洞。远程攻击者可利用该漏洞将系统配置备份到本地设备上,获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A