Information Disclosure and Configuration Manipulation Vulnerability in Trend Micro Deep Discovery Inspector

Information Disclosure and Configuration Manipulation Vulnerability in Trend Micro Deep Discovery Inspector

CVE-2015-2873 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:N

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions allows remote attackers to obtain sensitive information or change the configuration via a direct request to the (1) system log URL, (2) whitelist URL, or (3) blacklist URL.

Learn more about our Web Application Penetration Testing UK.