Trend Micro SafeSync for Enterprise Authentication Bypass

Nessus Plugin ID 100618 (severity: High)

Synopsis

A web application running on the remote host is affected by an authentication bypass vulnerability.

Description

The Trend Micro SafeSync for Enterprise (SSFE) application running on the remote host is affected by an authentication bypass vulnerability.
An unauthenticated, remote attacker can exploit this, via a series of HTTP PUT requests using specially crafted parameters, to disclose the valid, unexpired session key of a logged-in user from the MgmtuiSession table; that session key can then be used to conduct further attacks.

Note that SSFE is reportedly affected by additional vulnerabilities; however, Nessus has not tested for these.

Solution

Upgrade to SSFE version 3.2 SP1 (build 1531) or later.

See Also

https://success.trendmicro.com/solution/1116749

Plugin Details

Severity: High

ID: 100618

File Name: trendmicro_ssfe_auth_bypass.nasl

Version: 1.1

Type: remote

Family: Misc.

Published: 6/5/2017

Updated: 6/5/2017

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: x-cpe:/a:trendmicro:safesync_for_enterprise

Required KB Items: www/Trend Micro SafeSync for Enterprise

Exploited by Nessus: true