First published: Fri Feb 09 2018(Updated: )
A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerable installations.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Control Manager | =6.0 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-3601 is a vulnerability that allows remote attackers to bypass authentication on vulnerable installations of Trend Micro Control Manager.
CVE-2018-3601 exists within the handling of challenges for authentication in Trend Micro Control Manager, allowing attackers to bypass authentication.
No, user interaction is not required to exploit CVE-2018-3601.
Trend Micro Control Manager version 6.0 is affected by CVE-2018-3601.
To fix CVE-2018-3601, it is recommended to update to a patched version of Trend Micro Control Manager.