First published: Thu Mar 15 2018(Updated: )
A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trend Micro Smart Protection Server | ||
Trend Micro Smart Protection Server | <=3.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-6231 is classified as a critical severity vulnerability that allows for remote privilege escalation.
To remediate CVE-2018-6231, update Trend Micro Smart Protection Server to version 3.4 or higher.
CVE-2018-6231 affects Trend Micro Smart Protection Server versions 3.3 and below.
Yes, CVE-2018-6231 can be exploited remotely by attackers due to the server auth command injection flaw.
CVE-2018-6231 can facilitate privilege escalation attacks, allowing unauthorized access to vulnerable installations.