First published: Thu May 05 2016(Updated: )
SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Trend Micro Email Encryption Gateway | <=5.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-4351 is considered a critical vulnerability due to its potential for remote code execution through SQL injection.
To fix CVE-2016-4351, upgrade Trend Micro Email Encryption Gateway to version 5.5 build 1108 or later.
CVE-2016-4351 affects Trend Micro Email Encryption Gateway versions prior to 5.5 build 1108.
Yes, CVE-2016-4351 can be exploited remotely by attackers using SQL injection techniques.
If CVE-2016-4351 is exploited, attackers can execute arbitrary SQL commands which may compromise the database integrity.