VAR-201803-1796
Vulnerability from variot - Updated: 2023-12-18 12:57A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of credentials provided at login. When parsing the username, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. A security vulnerability exists in Trend MicroSmartProtectionServer (Standalone) 3.3 and earlier. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1796",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smart protection server",
"scope": "lte",
"trust": 1.0,
"vendor": "trendmicro",
"version": "3.3"
},
{
"model": "smart protection server",
"scope": "lte",
"trust": 0.8,
"vendor": "trend micro",
"version": "3.3"
},
{
"model": "smart protection server",
"scope": null,
"trust": 0.7,
"vendor": "trend micro",
"version": null
},
{
"model": "smart protection server",
"scope": "lte",
"trust": 0.6,
"vendor": "trend micro",
"version": "\u003c=3.3"
},
{
"model": "smart protection server",
"scope": "eq",
"trust": 0.6,
"vendor": "trendmicro",
"version": "3.3"
},
{
"model": "smart protection server",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "3.3"
},
{
"model": "smart protection server cp b1030",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "3.1"
},
{
"model": "smart protection server",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "3.1"
},
{
"model": "smart protection server cp b1348",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "3.0"
},
{
"model": "smart protection server",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "3.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "BID",
"id": "103529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trendmicro:smart_protection_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6231"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alain Homewood (Insomnia Security)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "BID",
"id": "103529"
}
],
"trust": 1.0
},
"cve": "CVE-2018-6231",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-6231",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-6231",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-07464",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-6231",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-6231",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2018-6231",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-07464",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-578",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of credentials provided at login. When parsing the username, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. A security vulnerability exists in Trend MicroSmartProtectionServer (Standalone) 3.3 and earlier. \nSuccessfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "BID",
"id": "103529"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6231",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-18-218",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5625",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-07464",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578",
"trust": 0.6
},
{
"db": "BID",
"id": "103529",
"trust": 0.3
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "BID",
"id": "103529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"id": "VAR-201803-1796",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07464"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07464"
}
]
},
"last_update_date": "2023-12-18T12:57:01.380000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "1119385",
"trust": 1.5,
"url": "https://success.trendmicro.com/solution/1119385"
},
{
"title": "TrendMicroSmartProtectionServer (Standalone) privilege escalation vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/125375"
},
{
"title": "Trend Micro Smart Protection Server(Standalone) Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79214"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "CWE-77",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "NVD",
"id": "CVE-2018-6231"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://success.trendmicro.com/solution/1119385"
},
{
"trust": 1.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-18-218/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6231"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6231"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "BID",
"id": "103529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"db": "BID",
"id": "103529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-28T00:00:00",
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"date": "2018-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"date": "2018-02-28T00:00:00",
"db": "BID",
"id": "103529"
},
{
"date": "2018-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"date": "2018-03-15T19:29:01.280000",
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"date": "2018-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-28T00:00:00",
"db": "ZDI",
"id": "ZDI-18-218"
},
{
"date": "2018-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07464"
},
{
"date": "2018-02-28T00:00:00",
"db": "BID",
"id": "103529"
},
{
"date": "2018-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002787"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-6231"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trend Micro Smart Protection Server Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002787"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-578"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…