CVE-2017-11380
First published: Tue Aug 01 2017(Updated: )
Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1.
Credit: security@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendmicro Deep Discovery Director | =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-11380?
The severity of CVE-2017-11380 is rated as critical with a score of 9.8.
What does CVE-2017-11380 vulnerability involve?
CVE-2017-11380 involves backup archives being encrypted with a static password across different installations of Trend Micro Deep Discovery Director 1.1.
How do I fix CVE-2017-11380?
To fix CVE-2017-11380, ensure that unique passwords are used for each backup archive in all instances of Trend Micro Deep Discovery Director.
Who is affected by CVE-2017-11380?
CVE-2017-11380 affects all installations of Trend Micro Deep Discovery Director version 1.1.
What are the potential risks of CVE-2017-11380?
The potential risks of CVE-2017-11380 include unauthorized access to backup data due to the use of a static password across multiple installations.
- collector/nvd-index
- vendor/trendmicro
- product/deep discovery director
- canonical/trendmicro deep discovery director