Trend Micro ScanMail for Exchange 10.2 < Build 3318 / 11.x < Build 4180 Predictable Session IDs

medium Nessus Plugin ID 84007

Synopsis

The remote Windows host has an email security application installed with weak session ID generation.

Description

The version of Trend Micro ScanMail for Exchange (SMEX) installed on the remote Windows host is affected by a flaw in its bundled web-based user interface: session IDs are generated with insufficient complexity. Because the session IDs are easier to guess, a remote attacker can use an authenticated user's session to gain access to the web interface.

Solution

Apply 11.0 Hot Fix Build 4180 / 10.2 Hot Fix Build 3318.

See Also

https://success.trendmicro.com/solution/1109669

Plugin Details

Severity: Medium

ID: 84007

File Name: trendmicro_smex_11_0_4180.nasl

Version: 1.5

Type: local

Agent: windows

Family: Windows

Published: 6/5/2015

Updated: 8/1/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:trend_micro:scanmail

Required KB Items: installed_sw/Trend Micro ScanMail for Exchange

Exploit Ease: No known exploits are available

Patch Publication Date: 4/20/2015

Vulnerability Publication Date: 4/20/2015

Reference Information

CVE: CVE-2015-3326

BID: 74661