cnvd - cnvd-2020-49951

CNVD-2020-49951

Vulnerability from cnvd - Published: 2020-09-02

Title

Trend Micro Vulnerability Protection LDAP认证绕过漏洞

Description

Trend Micro Vulnerability Protection是一款端点漏洞防护产品，可提供更快一步且更强的端点防护。 Trend Micro Vulnerability Protection 2.0 SP2存在LDAP认证绕过漏洞，攻击者可利用该漏洞绕过管理器认证。

Severity

中

Patch Name

Trend Micro Vulnerability Protection LDAP认证绕过漏洞的补丁

Patch Description

Trend Micro Vulnerability Protection是一款端点漏洞防护产品，可提供更快一步且更强的端点防护。 Trend Micro Vulnerability Protection 2.0 SP2存在LDAP认证绕过漏洞，攻击者可利用该漏洞绕过管理器认证。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://success.trendmicro.com/solution/000252039

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-15605

Impacted products

Name
Trend Micro Vulnerability Protection 2.0 SP2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-15605",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-15605"
    }
  },
  "description": "Trend Micro Vulnerability Protection\u662f\u4e00\u6b3e\u7aef\u70b9\u6f0f\u6d1e\u9632\u62a4\u4ea7\u54c1\uff0c\u53ef\u63d0\u4f9b\u66f4\u5feb\u4e00\u6b65\u4e14\u66f4\u5f3a\u7684\u7aef\u70b9\u9632\u62a4\u3002\n\nTrend Micro Vulnerability Protection 2.0 SP2\u5b58\u5728LDAP\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u7ba1\u7406\u5668\u8ba4\u8bc1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://success.trendmicro.com/solution/000252039",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-49951",
  "openTime": "2020-09-02",
  "patchDescription": "Trend Micro Vulnerability Protection\u662f\u4e00\u6b3e\u7aef\u70b9\u6f0f\u6d1e\u9632\u62a4\u4ea7\u54c1\uff0c\u53ef\u63d0\u4f9b\u66f4\u5feb\u4e00\u6b65\u4e14\u66f4\u5f3a\u7684\u7aef\u70b9\u9632\u62a4\u3002\r\n\r\nTrend Micro Vulnerability Protection 2.0 SP2\u5b58\u5728LDAP\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u7ba1\u7406\u5668\u8ba4\u8bc1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Trend Micro Vulnerability Protection LDAP\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Trend Micro Vulnerability Protection 2.0 SP2"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-15605",
  "serverity": "\u4e2d",
  "submitTime": "2020-08-28",
  "title": "Trend Micro Vulnerability Protection LDAP\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2020-15605 (GCVE-0-2020-15605)

Vulnerability from cvelistv5 – Published: 2020-08-27 20:35 – Updated: 2024-08-04 13:22

Summary

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.

Severity ?

No CVSS data available.

CWE

Authentication Bypass

Assigner

trendmicro

References

URL

Tags

	https://success.trendmicro.com/solution/000252039	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Trend Micro	Trend Micro Vulnerability Protection	Affected: 2.0 SP2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:30.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000252039"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Vulnerability Protection",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2.0 SP2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-27T20:35:19",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000252039"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2020-15605",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Vulnerability Protection",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.0 SP2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000252039",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000252039"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2020-15605",
    "datePublished": "2020-08-27T20:35:19",
    "dateReserved": "2020-07-07T00:00:00",
    "dateUpdated": "2024-08-04T13:22:30.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-49951

CVE-2020-15605 (GCVE-0-2020-15605)

Tags

Sightings

Nomenclature