All the vulnerabilites related to Trend Micro, Inc. - TrendMicro InterScan Web Security Virtual Appliance
jvndb-2021-002005
Vulnerability from jvndb
Published
2021-07-19 16:53
Modified
2021-07-19 16:53
Severity ?
Summary
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting
Details
Trend Micro Incorporated has released a security update for InterScan Web Security Virtual Appliance (IWSVA).
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/vu/JVNVU94115268/index.html | |
| CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31521 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2021-31521 | |
| Cross-site Scripting(CWE-79) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002005.html",
"dc:date": "2021-07-19T16:53+09:00",
"dcterms:issued": "2021-07-19T16:53+09:00",
"dcterms:modified": "2021-07-19T16:53+09:00",
"description": "Trend Micro Incorporated has released a security update for InterScan Web Security Virtual Appliance (IWSVA).\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002005.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:interscan_web_security_virtual_appliance",
"@product": "TrendMicro InterScan Web Security Virtual Appliance",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "3.5",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "5.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-002005",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU94115268/index.html",
"@id": "JVNVU#94115268",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31521",
"@id": "CVE-2021-31521",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-31521",
"@id": "CVE-2021-31521",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting"
}
jvndb-2024-003645
Vulnerability from jvndb
Published
2024-06-20 14:59
Modified
2024-06-20 14:59
Summary
Multiple vulnerabilities in multiple Trend Micro products
Details
Trend Micro Incorporated has released security updates for multiple Trend Micro products.
Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
"dc:date": "2024-06-20T14:59+09:00",
"dcterms:issued": "2024-06-20T14:59+09:00",
"dcterms:modified": "2024-06-20T14:59+09:00",
"description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
"sec:cpe": [
{
"#text": "cpe:/a:trendmicro:apex_one",
"@product": "Apex One",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:apex_one_as_a_service",
"@product": "Apex One as a Service",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:deep_security_agent",
"@product": "Deep Security Agent",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:interscan_web_security_virtual_appliance",
"@product": "TrendMicro InterScan Web Security Virtual Appliance",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
}
],
"sec:identifier": "JVNDB-2024-003645",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU99027428/index.html",
"@id": "JVNVU#99027428",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36302",
"@id": "CVE-2024-36302",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36303",
"@id": "CVE-2024-36303",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36304",
"@id": "CVE-2024-36304",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36305",
"@id": "CVE-2024-36305",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36306",
"@id": "CVE-2024-36306",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36307",
"@id": "CVE-2024-36307",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-37289",
"@id": "CVE-2024-37289",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36358",
"@id": "CVE-2024-36358",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-36359",
"@id": "CVE-2024-36359",
"@source": "CVE"
}
],
"title": "Multiple vulnerabilities in multiple Trend Micro products"
}
jvndb-2017-007422
Vulnerability from jvndb
Published
2017-09-21 15:58
Modified
2018-03-07 14:32
Severity ?
Summary
InterScan Web Security Virtual Appliance vulnerable to code injection
Details
InterScan Web Security Virtual Appliance provided by Trend Micro Incorporated contains code injection vulnerability.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-007422.html",
"dc:date": "2018-03-07T14:32+09:00",
"dcterms:issued": "2017-09-21T15:58+09:00",
"dcterms:modified": "2018-03-07T14:32+09:00",
"description": "InterScan Web Security Virtual Appliance provided by Trend Micro Incorporated contains code injection vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-007422.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:interscan_web_security_virtual_appliance",
"@product": "TrendMicro InterScan Web Security Virtual Appliance",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "9.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "7.2",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-007422",
"sec:references": [
{
"#text": "http://jvn.jp/en/vu/JVNVU90447827/index.html",
"@id": "JVNVU#90447827",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11396",
"@id": "CVE-2017-11396",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-11396",
"@id": "CVE-2017-11396",
"@source": "NVD"
}
],
"title": "InterScan Web Security Virtual Appliance vulnerable to code injection"
}