Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trend Micro Deep Security 授权问题漏洞
Vulnerability Description
Trend Micro Deep Security是美国趋势科技(Trend Micro)公司的一套智能数据保护解决方案。 Trend Micro Deep Security 10.x至12.x版存在授权认证漏洞,该漏洞源于LDAP认证可用的状态下允许事先知道目标组织的未经身份验证的攻击者绕过管理器身份验证。启用多因素身份验证可防止此攻击。使用manager本机身份验证或SAML身份验证的安装不受此漏洞的影响。
CVSS Information
N/A
Vulnerability Type
N/A