CVE-2015-3326 (GCVE-0-2015-3326)
Vulnerability from cvelistv5 – Published: 2015-05-14 00:00 – Updated: 2024-08-06 05:47
VLAI
EPSS
VEX
Summary
Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://esupport.trendmicro.com/solution/en-US/110… | x_refsource_CONFIRM |
| http://blog.malerisch.net/2016/05/trendmicro-smex… | x_refsource_MISC |
| http://www.securityfocus.com/bid/74661 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1032323 | vdb-entryx_refsource_SECTRACK |
Date Public
2015-04-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"name": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html",
"refsource": "MISC",
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3326",
"datePublished": "2015-05-14T00:00:00.000Z",
"dateReserved": "2015-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T05:47:56.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-3326",
"date": "2026-07-12",
"epss": "0.02302",
"percentile": "0.81299"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trend_micro:scanmail:10.2:*:*:*:*:microsoft_exchange:*:*\", \"matchCriteriaId\": \"81774648-66B6-4531-80AC-44B97AB9F4EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trend_micro:scanmail:11.0:*:*:*:*:microsoft_exchange:*:*\", \"matchCriteriaId\": \"3C237907-068E-4ECF-862D-4DF7220C539B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack.\"}, {\"lang\": \"es\", \"value\": \"Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 anterior a Hot Fix Build 3318 y 11.0 anterior a Hot Fix Build 4180 crea identificadores de sesi\\u00f3n para la consola web utilizando un generador de n\\u00fameros aleatorios con valores previsibles, lo que facilita a atacantes remotos evadir la autenticaci\\u00f3n a trav\\u00e9s de un ataque de fuerza bruta.\"}]",
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/330.html\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e",
"id": "CVE-2015-3326",
"lastModified": "2024-11-21T02:29:10.123",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2015-05-14T00:59:03.647",
"references": "[{\"url\": \"http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://esupport.trendmicro.com/solution/en-US/1109669.aspx\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/74661\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id/1032323\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://esupport.trendmicro.com/solution/en-US/1109669.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/74661\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1032323\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-3326\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-05-14T00:59:03.647\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack.\"},{\"lang\":\"es\",\"value\":\"Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 anterior a Hot Fix Build 3318 y 11.0 anterior a Hot Fix Build 4180 crea identificadores de sesi\u00f3n para la consola web utilizando un generador de n\u00fameros aleatorios con valores previsibles, lo que facilita a atacantes remotos evadir la autenticaci\u00f3n a trav\u00e9s de un ataque de fuerza bruta.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:scanmail:10.2:*:*:*:*:microsoft_exchange:*:*\",\"matchCriteriaId\":\"81774648-66B6-4531-80AC-44B97AB9F4EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:scanmail:11.0:*:*:*:*:microsoft_exchange:*:*\",\"matchCriteriaId\":\"3C237907-068E-4ECF-862D-4DF7220C539B\"}]}]}],\"references\":[{\"url\":\"http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://esupport.trendmicro.com/solution/en-US/1109669.aspx\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/74661\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1032323\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://esupport.trendmicro.com/solution/en-US/1109669.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/74661\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"https://cwe.mitre.org/data/definitions/330.html\\\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e\"}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…