Session Hijacking via Log Disclosure Vulnerability in Trend Micro Smart Protection Server

Session Hijacking via Log Disclosure Vulnerability in Trend Micro Smart Protection Server

CVE-2017-11398 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.

Learn more about our Cis Benchmark Audit For Server Software.