Intrusion Prevention

Trend.Micro.IMSVA.Management.Portal.Authentication.Bypass

Description

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Trend Micro InterScan Messaging Security (Virtual Appliance).
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. A remote attacker may be able to exploit this to access the service without credentials.

Affected Products

Trend Micro InterScan Messaging Security (Virtual Appliance) 9.0 prior to CP1653
Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1 prior to CP1682

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor:
https://success.trendmicro.com/solution/1119277

CVE References

CVE-2018-3609