Trend Micro SafeSync for Enterprise Authentication Bypass
Medium Nessus Plugin ID 100618
Synopsis
A web application running on the remote host is affected by an authentication bypass vulnerability.
Description
The Trend Micro SafeSync for Enterprise (SSFE) application running on the remote host is affected by an authentication bypass vulnerability.
An unauthenticated, remote attacker can exploit this, via a series of HTTP PUT requests using specially crafted parameters, to disclose the valid, unexpired session key of a logged-in user from the MgmtuiSession table, which can then be used to conduct further attacks.
Note that SSFE is reportedly affected by additional vulnerabilities; however, Nessus has not tested for these.
Solution
Upgrade to SSFE version 3.2 SP1 (build 1531) or later.