CSRF Vulnerability in Trend Micro ScanMail for Exchange 12.0 Web Interface Forms

CSRF Vulnerability in Trend Micro ScanMail for Exchange 12.0 Web Interface Forms

CVE-2017-14092 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.