CVE-2018-10357

Sažetak

A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability.

Reference

http://www.securityfocus.com/bid/104355
https://success.trendmicro.com/solution/1119811
https://www.zerodayinitiative.com/advisories/ZDI-18-469/

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

26-06-2018 - 18:35

Objavljeno

23-05-2018 - 16:29