{"vulnerability": "CVE-2020-8461", "sightings": [{"uuid": "542acdf4-30e7-490e-91c2-ab200544f2ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8461", "type": "seen", "source": "MISP/d6e9003b-e727-4686-bfd6-38e895763114", "content": "", "creation_timestamp": "2024-11-14T06:07:23.000000Z"}, {"uuid": "c4c2afc2-94a7-441d-b725-df05137b996b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8461", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2317", "content": "Multiple critical vulnerabilities (CVE-2020-8461, CVE-2020-8462, CVE-2020-8463, CVE-2020-8464, CVE-2020-8465, CVE-2020-8466) in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) (PoCs)\nhttps://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-trend-micro-interscan-web-security-virtual-appliance", "creation_timestamp": "2020-12-18T11:43:01.000000Z"}, {"uuid": "05f354b6-77cf-40f5-98bf-4473a363ac01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8461", "type": "seen", "source": "https://t.me/cibsecurity/21025", "content": "\u203c CVE-2020-8461 \u203c\n\nA CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-18T00:43:07.000000Z"}, {"uuid": "60f17449-d0d2-4e03-9d67-7a9112e2eeee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8461", "type": "seen", "source": "https://t.me/cibsecurity/21019", "content": "\u203c CVE-2020-8465 \u203c\n\nA vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-18T00:43:00.000000Z"}]}