) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:trendmicro:smart_protection_server:3.3:*:*:*:*:*:*:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-6237 |
A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation. Published: May 25, 2018; 11:29:00 AM -0400 |
V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
| CVE-2018-10350 |
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. Authentication is required in order to exploit this vulnerability. Published: May 25, 2018; 11:29:00 AM -0400 |
V3.0: 8.8 HIGH V2.0: 9.0 HIGH |
| CVE-2018-6231 |
A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations. Published: March 15, 2018; 3:29:01 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |