CVE-2019-9488: XEE

First published: Wed Sep 11 2019(Updated: )

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).

Credit: security@trendmicro.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• collector/mitre-cve
• source/MITRE
• agent/severity
• agent/remedy
• agent/references
• agent/weakness
• agent/last-modified-date
• agent/author
• agent/event
• agent/first-publish-date
• agent/description
• agent/source
• agent/softwarecombine
• agent/tags
• collector/nvd-index
• agent/software-canonical-lookup-request
• vendor/trendmicro
• canonical/trendmicro deep security manager
• version/trendmicro deep security manager/10.0
• version/trendmicro deep security manager/10.0-u1
• version/trendmicro deep security manager/10.0-u10
• version/trendmicro deep security manager/10.0-u11
• version/trendmicro deep security manager/10.0-u12
• version/trendmicro deep security manager/10.0-u13
• version/trendmicro deep security manager/10.0-u14
• version/trendmicro deep security manager/10.0-u15
• version/trendmicro deep security manager/10.0-u16
• version/trendmicro deep security manager/10.0-u17
• version/trendmicro deep security manager/10.0-u18
• version/trendmicro deep security manager/10.0-u19
• version/trendmicro deep security manager/10.0-u2
• version/trendmicro deep security manager/10.0-u3
• version/trendmicro deep security manager/10.0-u4
• version/trendmicro deep security manager/10.0-u5
• version/trendmicro deep security manager/10.0-u6
• version/trendmicro deep security manager/10.0-u7
• version/trendmicro deep security manager/10.0-u8
• version/trendmicro deep security manager/10.0-u9
• version/trendmicro deep security manager/11.0
• version/trendmicro deep security manager/11.0-u1
• version/trendmicro deep security manager/11.0-u2
• version/trendmicro deep security manager/11.0-u3
• version/trendmicro deep security manager/11.0-u4
• version/trendmicro deep security manager/11.0-u5
• version/trendmicro deep security manager/11.0-u6
• version/trendmicro deep security manager/11.0-u7
• version/trendmicro deep security manager/11.3
• canonical/trend micro vulnerability protection
• version/trend micro vulnerability protection/2.0