ZDI-18-411: Trend Micro Encryption for Email Gateway DBCrypto Authentication Weakness Vulnerability
This vulnerability allows attackers to recover user passwords on vulnerable installations of Trend Micro Encryption for Email Gateway. An attacker must first obtain access to the user database on the target system in order to exploit this vulnerability. The specific flaw exists within the DBCrypto class. When storing user passwords, the process stores them in a recoverable format using a hard-coded key. An attacker can then leverage this vulnerability to decrypt existing passwords.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro Encryption for Email Gateway |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-18-411?
The severity of ZDI-18-411 is considered critical due to the potential exposure of sensitive user passwords.
How do I fix ZDI-18-411?
To fix ZDI-18-411, users should update their Trend Micro Encryption for Email Gateway to the latest version provided by Trend Micro.
What systems are affected by ZDI-18-411?
ZDI-18-411 affects vulnerable installations of Trend Micro Encryption for Email Gateway.
What type of attack is possible with ZDI-18-411?
ZDI-18-411 allows attackers to recover user passwords if they gain access to the user database.
What is required for an attacker to exploit ZDI-18-411?
An attacker must first gain access to the user database on the target system to exploit ZDI-18-411.
- agent/references
- agent/type
- agent/softwarecombine
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-18-411
- alias/ZDI-CAN-5513
- alias/CVE-2018-10355
- agent/software-canonical-lookup
- agent/severity
- agent/tags
- agent/title
- agent/description
- agent/event
- agent/source
- vendor/trend micro
- canonical/trend micro encryption for email gateway