SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5 Allows Arbitrary Code Execution

SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5 Allows Arbitrary Code Execution

CVE-2018-6228 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.