Skip to main content

Interscan Messaging Security Virtual Appliance

13 CVEs product

Monthly

CVE-2021-25252 MEDIUM PATCH This Month

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Apex Central Apex One Cloud Edge +16
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-27694 HIGH POC This Week

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has updated a specific critical library that may vulnerable to attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.1
8.8
EPSS
7.3%
CVE-2020-27693 MEDIUM POC This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.1
4.4
EPSS
1.8%
CVE-2020-27019 MEDIUM POC THREAT This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Authentication Bypass Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.1
5.5
EPSS
17.9%
CVE-2020-27018 MEDIUM POC This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro SSRF Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.1
5.5
EPSS
3.5%
CVE-2020-27017 MEDIUM POC This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro XXE Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.1
4.9
EPSS
6.4%
CVE-2020-27016 HIGH POC This Week

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro CSRF Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2018-3609 HIGH POC THREAT This Week

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Trend Micro Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.0
8.1
EPSS
21.8%
CVE-2017-11392 HIGH POC THREAT Act Now

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.9%.

RCE Trend Micro Command Injection Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.0
8.8
EPSS
73.9%
Threat
5.5
CVE-2017-11391 HIGH POC THREAT Act Now

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.4%.

RCE Trend Micro Command Injection Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.0
8.8
EPSS
81.4%
Threat
5.7
CVE-2017-7896 MEDIUM POC PATCH THREAT This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.3%.

XSS Trend Micro Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.0
6.1
EPSS
53.3%
Threat
4.3
CVE-2017-6398 HIGH POC THREAT Act Now

An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 64.6%.

Trend Micro Command Injection Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.0
8.8
EPSS
64.6%
Threat
5.2
CVE-2014-3922 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Trend Micro Interscan Messaging Security Virtual Appliance
NVD
CVSS 2.0
4.3
EPSS
1.1%
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Apex Central +18
NVD
EPSS 7% CVSS 8.8
HIGH POC This Week

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has updated a specific critical library that may vulnerable to attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
EPSS 2% CVSS 4.4
MEDIUM POC This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
EPSS 18% CVSS 5.5
MEDIUM POC THREAT This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Authentication Bypass Information Disclosure +1
NVD
EPSS 3% CVSS 5.5
MEDIUM POC This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro SSRF Interscan Messaging Security Virtual Appliance
NVD
EPSS 6% CVSS 4.9
MEDIUM POC This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro XXE Interscan Messaging Security Virtual Appliance
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro CSRF Interscan Messaging Security Virtual Appliance
NVD
EPSS 22% CVSS 8.1
HIGH POC THREAT This Week

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Trend Micro Information Disclosure Interscan Messaging Security Virtual Appliance
NVD
EPSS 74% 5.5 CVSS 8.8
HIGH POC THREAT Act Now

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.9%.

RCE Trend Micro Command Injection +1
NVD
EPSS 81% 5.7 CVSS 8.8
HIGH POC THREAT Act Now

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.4%.

RCE Trend Micro Command Injection +1
NVD
EPSS 53% 4.3 CVSS 6.1
MEDIUM POC PATCH THREAT This Month

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.3%.

XSS Trend Micro Interscan Messaging Security Virtual Appliance
NVD
EPSS 65% 5.2 CVSS 8.8
HIGH POC THREAT Act Now

An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 64.6%.

Trend Micro Command Injection Interscan Messaging Security Virtual Appliance
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Trend Micro Interscan Messaging Security Virtual Appliance
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy