cvelistv5 - cve-2024-46902

CVE-2024-46902 (GCVE-0-2024-46902)

Vulnerability from cvelistv5 – Published: 2024-10-22 18:28 – Updated: 2024-10-22 19:00

Summary

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

trendmicro

References

URL

Tags

	https://success.trendmicro.com/en-US/solution/KA-…
	https://www.zerodayinitiative.com/advisories/ZDI-…

Impacted products

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Deep Discovery Inspector	Affected: 5.8, 6.6, 6.7 , < 6.6.1097, 6.7.1107 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "deep_discovery_inspector",
            "vendor": "trendmicro",
            "versions": [
              {
                "lessThan": "6.6.1097",
                "status": "affected",
                "version": "5.8",
                "versionType": "custom"
              },
              {
                "lessThan": "6.7.1107",
                "status": "affected",
                "version": "6.7",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46902",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-22T18:57:44.852631Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-89",
                "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-22T19:00:05.228Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Discovery Inspector",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "6.6.1097, 6.7.1107",
              "status": "affected",
              "version": "5.8, 6.6, 6.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-22T18:28:18.124Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/en-US/solution/KA-0017793"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1227/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2024-46902",
    "datePublished": "2024-10-22T18:28:18.124Z",
    "dateReserved": "2024-09-13T14:13:48.416Z",
    "dateUpdated": "2024-10-22T19:00:05.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.8\", \"versionEndExcluding\": \"6.6\", \"matchCriteriaId\": \"77ED7D00-6C55-4F2D-A97F-2A8AB569BCF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1078:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE216061-F408-439A-90DC-9880010B2D58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1080:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1E1C9C3-7A9B-4661-BF34-ABECD8A64C83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1077:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F359F80-0A0A-4A1D-BC4E-3C8C0A2C4063\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1086:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E125CD6-99D1-4C4C-9FB6-ADDBB7EB380D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.\"}, {\"lang\": \"es\", \"value\": \" Una vulnerabilidad en Trend Micro Deep Discovery Inspector (DDI) versiones 5.8 y posteriores podr\\u00eda permitir a un atacante divulgar informaci\\u00f3n confidencial de las instalaciones afectadas. Tenga en cuenta que un atacante primero debe obtener la capacidad de ejecutar c\\u00f3digo con privilegios elevados (derechos de usuario administrador) en el sistema de destino para aprovechar esta vulnerabilidad.\"}]",
      "id": "CVE-2024-46902",
      "lastModified": "2024-10-25T14:50:23.897",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@trendmicro.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.4, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}]}",
      "published": "2024-10-22T19:15:06.130",
      "references": "[{\"url\": \"https://success.trendmicro.com/en-US/solution/KA-0017793\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-1227/\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-46902\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2024-10-22T19:15:06.130\",\"lastModified\":\"2024-10-25T14:50:23.897\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\" Una vulnerabilidad en Trend Micro Deep Discovery Inspector (DDI) versiones 5.8 y posteriores podr\u00eda permitir a un atacante divulgar informaci\u00f3n confidencial de las instalaciones afectadas. Tenga en cuenta que un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con privilegios elevados (derechos de usuario administrador) en el sistema de destino para aprovechar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.7,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.8\",\"versionEndExcluding\":\"6.6\",\"matchCriteriaId\":\"77ED7D00-6C55-4F2D-A97F-2A8AB569BCF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1078:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE216061-F408-439A-90DC-9880010B2D58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1080:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1E1C9C3-7A9B-4661-BF34-ABECD8A64C83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1077:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F359F80-0A0A-4A1D-BC4E-3C8C0A2C4063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1086:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E125CD6-99D1-4C4C-9FB6-ADDBB7EB380D\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/en-US/solution/KA-0017793\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-24-1227/\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-46902\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-22T18:57:44.852631Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*\"], \"vendor\": \"trendmicro\", \"product\": \"deep_discovery_inspector\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.8\", \"lessThan\": \"6.6.1097\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.7\", \"lessThan\": \"6.7.1107\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-89\", \"description\": \"CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-22T18:59:55.522Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Trend Micro, Inc.\", \"product\": \"Trend Micro Deep Discovery Inspector\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.8, 6.6, 6.7\", \"lessThan\": \"6.6.1097, 6.7.1107\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://success.trendmicro.com/en-US/solution/KA-0017793\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-1227/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.\"}], \"providerMetadata\": {\"orgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"shortName\": \"trendmicro\", \"dateUpdated\": \"2024-10-22T18:28:18.124Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-46902\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-22T19:00:05.228Z\", \"dateReserved\": \"2024-09-13T14:13:48.416Z\", \"assignerOrgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"datePublished\": \"2024-10-22T18:28:18.124Z\", \"assignerShortName\": \"trendmicro\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0811

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Trend Micro. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur indique que les versions 5.8.x à 6.5.x de Deep Discovery Inspector sont affectées par les vulnérabilités CVE-2024-46902 et CVE-2024-46903 mais ne bénéficieront pas de correctifs de sécurité. Deep Discovery Inspector et Deep Discovery Email Inspector sont affectés par la vulnérabilité CVE-2024-6387; il est nécessaire de contacter l'éditeur pour accéder aux correctifs.

Impacted products

Vendor	Product	Description
Trend Micro	Service Gateway	Service Gateway versions antérieures à 3.0.10
Trend Micro	Deep Discovery Inspector	Deep Discovery Inspector versions 6.7.x antérieures à 6.7 Cp 1107
Trend Micro	Deep Discovery Inspector	Deep Discovery Inspector versions 6.6.x antérieures à 6.6 Cp 1097
Trend Micro	Trend Micro Web Gateway	Trend Micro Web Gateway versions antérieures à 3.9.5.5840
Trend Micro	Deep Discovery Mail Inspector	Deep Discovery Email Inspector sans le dernier correctif de sécurité

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro KA-0017793	2024-09-16	vendor-advisory
Bulletin de sécurité Trend Micro KA-0016976	2024-09-05	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Service Gateway versions ant\u00e9rieures \u00e0 3.0.10",
      "product": {
        "name": "Service Gateway",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Deep Discovery Inspector versions 6.7.x ant\u00e9rieures \u00e0 6.7 Cp 1107",
      "product": {
        "name": "Deep Discovery Inspector",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Deep Discovery Inspector versions 6.6.x ant\u00e9rieures \u00e0 6.6 Cp 1097",
      "product": {
        "name": "Deep Discovery Inspector",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Trend Micro Web Gateway\t versions ant\u00e9rieures \u00e0 3.9.5.5840",
      "product": {
        "name": "Trend Micro Web Gateway",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Deep Discovery Email Inspector sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Deep Discovery Mail Inspector",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur indique que les versions 5.8.x \u00e0 6.5.x de Deep Discovery Inspector sont affect\u00e9es par les vuln\u00e9rabilit\u00e9s CVE-2024-46902 et CVE-2024-46903 mais ne b\u00e9n\u00e9ficieront pas de correctifs de s\u00e9curit\u00e9. \nDeep Discovery Inspector et Deep Discovery Email Inspector sont affect\u00e9s par la vuln\u00e9rabilit\u00e9 CVE-2024-6387; il est n\u00e9cessaire de contacter l\u0027\u00e9diteur pour acc\u00e9der aux correctifs. ",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-46903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46903"
    },
    {
      "name": "CVE-2024-46902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46902"
    },
    {
      "name": "CVE-2006-5051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051"
    },
    {
      "name": "CVE-2024-6387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
    },
    {
      "name": "CVE-2008-4109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4109"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0811",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend Micro. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro",
  "vendor_advisories": [
    {
      "published_at": "2024-09-16",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0017793",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0017793"
    },
    {
      "published_at": "2024-09-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0016976",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0016976"
    }
  ]
}

CERTFR-2024-AVI-0811

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Trend Micro	Service Gateway	Service Gateway versions antérieures à 3.0.10
Trend Micro	Deep Discovery Inspector	Deep Discovery Inspector versions 6.7.x antérieures à 6.7 Cp 1107
Trend Micro	Deep Discovery Inspector	Deep Discovery Inspector versions 6.6.x antérieures à 6.6 Cp 1097
Trend Micro	Trend Micro Web Gateway	Trend Micro Web Gateway versions antérieures à 3.9.5.5840
Trend Micro	Deep Discovery Mail Inspector	Deep Discovery Email Inspector sans le dernier correctif de sécurité

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro KA-0017793	2024-09-16	vendor-advisory
Bulletin de sécurité Trend Micro KA-0016976	2024-09-05	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Service Gateway versions ant\u00e9rieures \u00e0 3.0.10",
      "product": {
        "name": "Service Gateway",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Deep Discovery Inspector versions 6.7.x ant\u00e9rieures \u00e0 6.7 Cp 1107",
      "product": {
        "name": "Deep Discovery Inspector",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Deep Discovery Inspector versions 6.6.x ant\u00e9rieures \u00e0 6.6 Cp 1097",
      "product": {
        "name": "Deep Discovery Inspector",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Trend Micro Web Gateway\t versions ant\u00e9rieures \u00e0 3.9.5.5840",
      "product": {
        "name": "Trend Micro Web Gateway",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Deep Discovery Email Inspector sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Deep Discovery Mail Inspector",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur indique que les versions 5.8.x \u00e0 6.5.x de Deep Discovery Inspector sont affect\u00e9es par les vuln\u00e9rabilit\u00e9s CVE-2024-46902 et CVE-2024-46903 mais ne b\u00e9n\u00e9ficieront pas de correctifs de s\u00e9curit\u00e9. \nDeep Discovery Inspector et Deep Discovery Email Inspector sont affect\u00e9s par la vuln\u00e9rabilit\u00e9 CVE-2024-6387; il est n\u00e9cessaire de contacter l\u0027\u00e9diteur pour acc\u00e9der aux correctifs. ",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-46903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46903"
    },
    {
      "name": "CVE-2024-46902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46902"
    },
    {
      "name": "CVE-2006-5051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051"
    },
    {
      "name": "CVE-2024-6387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
    },
    {
      "name": "CVE-2008-4109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4109"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0811",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend Micro. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro",
  "vendor_advisories": [
    {
      "published_at": "2024-09-16",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0017793",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0017793"
    },
    {
      "published_at": "2024-09-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0016976",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0016976"
    }
  ]
}

WID-SEC-W-2024-2140

Vulnerability from csaf_certbund - Published: 2024-09-15 22:00 - Updated: 2024-09-15 22:00

Summary

Trend Micro Deep Discovery Email Inspector: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Deep Discovery Email Inspector erkennt und blockiert Ransomware Spear Phishing-Mails durch Analysetechniken für bekannte und unbekannte Angriffe.

Angriff

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Trend Micro Deep Discovery Email Inspector ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme

- Appliance

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Deep Discovery Email Inspector erkennt und blockiert Ransomware Spear Phishing-Mails durch Analysetechniken f\u00fcr bekannte und unbekannte Angriffe.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Trend Micro Deep Discovery Email Inspector ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-2140 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2140.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-2140 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2140"
      },
      {
        "category": "external",
        "summary": "TrendMicro Security Bulletin vom 2024-09-15",
        "url": "https://success.trendmicro.com/en-US/solution/KA-0017793"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Deep Discovery Email Inspector: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2024-09-15T22:00:00.000+00:00",
      "generator": {
        "date": "2024-09-16T08:01:55.253+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.6"
        }
      },
      "id": "WID-SEC-W-2024-2140",
      "initial_release_date": "2024-09-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-09-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.7 CP 1107",
                "product": {
                  "name": "Trend Micro Deep Discovery Email Inspector \u003c6.7 CP 1107",
                  "product_id": "T037629"
                }
              },
              {
                "category": "product_version",
                "name": "6.7 CP 1107",
                "product": {
                  "name": "Trend Micro Deep Discovery Email Inspector 6.7 CP 1107",
                  "product_id": "T037629-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trendmicro:deep_discovery_email_inspector:6.7_cp_1107"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Deep Discovery Email Inspector"
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-46902",
      "notes": [
        {
          "category": "description",
          "text": "In Trend Micro Deep Discovery Email Inspector bestehen mehrere Schwachstellen. Diese Fehler existieren wegen mehrerer SQL-Injection-Probleme. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T037629"
        ]
      },
      "release_date": "2024-09-15T22:00:00.000+00:00",
      "title": "CVE-2024-46902"
    },
    {
      "cve": "CVE-2024-46903",
      "notes": [
        {
          "category": "description",
          "text": "In Trend Micro Deep Discovery Email Inspector bestehen mehrere Schwachstellen. Diese Fehler existieren wegen mehrerer SQL-Injection-Probleme. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T037629"
        ]
      },
      "release_date": "2024-09-15T22:00:00.000+00:00",
      "title": "CVE-2024-46903"
    }
  ]
}

JVNDB-2024-010802

Vulnerability from jvndb - Published: 2024-10-22 13:02 - Updated:2024-10-22 13:02

Summary

Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector

Details

Trend Micro Incorporated has released a security update for Trend Micro Deep Discovery Inspector. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

Type

URL

	JVN	http://jvn.jp/en/vu/JVNVU93072012/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-46902
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-46903

Impacted products

Vendor

Product

Trend Micro, Inc.

Deep Discovery Inspector

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-010802.html",
  "dc:date": "2024-10-22T13:02+09:00",
  "dcterms:issued": "2024-10-22T13:02+09:00",
  "dcterms:modified": "2024-10-22T13:02+09:00",
  "description": "Trend Micro Incorporated has released a security update for Trend Micro Deep Discovery Inspector.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-010802.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:deep_discovery_inspector",
    "@product": "Deep Discovery Inspector",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:identifier": "JVNDB-2024-010802",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU93072012/index.html",
      "@id": "JVNVU#93072012",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-46902",
      "@id": "CVE-2024-46902",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-46903",
      "@id": "CVE-2024-46903",
      "@source": "CVE"
    }
  ],
  "title": "Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector"
}

GHSA-8FX5-JXM5-JCPR

Vulnerability from github – Published: 2024-10-22 21:30 – Updated: 2024-10-22 21:30

Details

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.

Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.

Severity ?

8.4 (High)


                  
                    CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-46902"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-22T19:15:06Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.\n\nPlease note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.",
  "id": "GHSA-8fx5-jxm5-jcpr",
  "modified": "2024-10-22T21:30:37Z",
  "published": "2024-10-22T21:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46902"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0017793"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1227"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-46902

Vulnerability from fkie_nvd - Published: 2024-10-22 19:15 - Updated: 2024-10-25 14:50

Severity ?

8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@trendmicro.com	https://success.trendmicro.com/en-US/solution/KA-0017793	Vendor Advisory
	security@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-24-1227/	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
trendmicro	deep_discovery_inspector	*
trendmicro	deep_discovery_inspector	6.6
trendmicro	deep_discovery_inspector	6.6
trendmicro	deep_discovery_inspector	6.7
trendmicro	deep_discovery_inspector	6.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77ED7D00-6C55-4F2D-A97F-2A8AB569BCF9",
              "versionEndExcluding": "6.6",
              "versionStartIncluding": "5.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1078:*:*:*:*:*:*",
              "matchCriteriaId": "DE216061-F408-439A-90DC-9880010B2D58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.6:1080:*:*:*:*:*:*",
              "matchCriteriaId": "A1E1C9C3-7A9B-4661-BF34-ABECD8A64C83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1077:*:*:*:*:*:*",
              "matchCriteriaId": "2F359F80-0A0A-4A1D-BC4E-3C8C0A2C4063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_discovery_inspector:6.7:1086:*:*:*:*:*:*",
              "matchCriteriaId": "4E125CD6-99D1-4C4C-9FB6-ADDBB7EB380D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": " Una vulnerabilidad en Trend Micro Deep Discovery Inspector (DDI) versiones 5.8 y posteriores podr\u00eda permitir a un atacante divulgar informaci\u00f3n confidencial de las instalaciones afectadas. Tenga en cuenta que un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con privilegios elevados (derechos de usuario administrador) en el sistema de destino para aprovechar esta vulnerabilidad."
    }
  ],
  "id": "CVE-2024-46902",
  "lastModified": "2024-10-25T14:50:23.897",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 6.0,
        "source": "security@trendmicro.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-22T19:15:06.130",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/en-US/solution/KA-0017793"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1227/"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-46902 (GCVE-0-2024-46902)

CERTFR-2024-AVI-0811

Solutions

CERTFR-2024-AVI-0811

Solutions

WID-SEC-W-2024-2140

JVNDB-2024-010802

GHSA-8FX5-JXM5-JCPR

FKIE_CVE-2024-46902

Tags

Sightings

Nomenclature