ZDI-20-677: Trend Micro InterScan Web Security Virtual Appliance Apache Solr Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. The specific flaw exists within the Apache Solr application. The issue results from the lack of proper implementation of authentication. An attacker can leverage this vulnerability to bypass authentication on the system.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro InterScan Web Security Suite |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-20-677?
The severity of ZDI-20-677 is classified as critical due to its potential to allow unauthorized access.
How do I fix ZDI-20-677?
To fix ZDI-20-677, apply the latest patch provided by Trend Micro for the InterScan Web Security Virtual Appliance.
Who is affected by ZDI-20-677?
Any users of the Trend Micro InterScan Web Security Virtual Appliance could be affected by ZDI-20-677.
What type of vulnerability is ZDI-20-677?
ZDI-20-677 is a remote authentication bypass vulnerability in the Apache Solr application.
What are the potential risks of ZDI-20-677?
The potential risks of ZDI-20-677 include unauthorized access to sensitive data and compromise of the web security appliance.
- agent/references
- agent/type
- agent/softwarecombine
- agent/title
- agent/severity
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-20-677
- alias/ZDI-CAN-10117
- alias/CVE-2020-8606
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/trend micro
- canonical/trend micro interscan web security suite