Trend Micro SafeSync for Enterprise Authentication Bypass

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

A web application running on the remote host is affected by an
authentication bypass vulnerability.

Description :

The Trend Micro SafeSync for Enterprise (SSFE) application running on
the remote host is affected by an authentication bypass vulnerability.
An unauthenticated, remote attacker can exploit this, via a series of
HTTP PUT requests using specially crafted parameters, to disclose the
valid, unexpired session key of a logged-in user from the
MgmtuiSession table, which can then be used to conduct further
attacks.

Note that SSFE is reportedly affected by additional vulnerabilities;
however, Nessus has not tested for these.

See also :

https://success.trendmicro.com/solution/1116749

Solution :

Upgrade to SSFE version 3.2 SP1 (build 1531) or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: Misc.

Nessus Plugin ID: 100618

Bugtraq ID:

CVE ID:
