ZDI-CAN-10117: Trend Micro InterScan Web Security Virtual Appliance Apache Solr Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. The specific flaw exists within the Apache Solr application. The issue results from the lack of proper implementation of authentication. An attacker can leverage this vulnerability to bypass authentication on the system.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro InterScan Web Security Suite |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-CAN-10117?
The severity of ZDI-CAN-10117 is considered critical as it allows remote attackers to bypass authentication.
How do I fix ZDI-CAN-10117?
To fix ZDI-CAN-10117, apply the latest patches provided by Trend Micro for the InterScan Web Security Virtual Appliance.
What software is affected by ZDI-CAN-10117?
ZDI-CAN-10117 affects Trend Micro InterScan Web Security Virtual Appliance installations.
Can ZDI-CAN-10117 be exploited remotely?
Yes, ZDI-CAN-10117 can be exploited remotely by unauthorized attackers.
What are the potential impacts of ZDI-CAN-10117?
The potential impacts of ZDI-CAN-10117 include unauthorized access to sensitive data and systems.
- agent/references
- agent/softwarecombine
- agent/title
- agent/severity
- agent/event
- agent/description
- agent/type
- agent/source
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-20-677
- alias/ZDI-CAN-10117
- alias/CVE-2020-8606
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/trend micro
- canonical/trend micro interscan web security suite