ID

VAR-201803-1796


CVE

CVE-2018-6231


TITLE

Trend Micro Smart Protection Server Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002787

DESCRIPTION

A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of credentials provided at login. When parsing the username, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. A security vulnerability exists in Trend Micro Smart Protection Server (Standalone) 3.3 and earlier. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Trust: 3.06

sources: NVD: CVE-2018-6231 // JVNDB: JVNDB-2018-002787 // ZDI: ZDI-18-218 // CNVD: CNVD-2018-07464 // BID: 103529

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-07464

AFFECTED PRODUCTS

vendor: trendmicro model: smart protection server scope: lte version: 3.3

Trust: 1.0

vendor: trend micro model: smart protection server scope: lte version: 3.3

Trust: 0.8

vendor: trend micro model: smart protection server scope: - version: -

Trust: 0.7

vendor: trend micro model: smart protection server scope: lte version: <=3.3

Trust: 0.6

vendor: trendmicro model: smart protection server scope: eq version: 3.3

Trust: 0.6

vendor: trend micro model: smart protection server scope: eq version: 3.3

Trust: 0.3

vendor: trend micro model: smart protection server cp b1030 scope: eq version: 3.1

Trust: 0.3

vendor: trend micro model: smart protection server scope: eq version: 3.1

Trust: 0.3

vendor: trend micro model: smart protection server cp b1348 scope: eq version: 3.0

Trust: 0.3

vendor: trend micro model: smart protection server scope: eq version: 3.0

Trust: 0.3

sources: ZDI: ZDI-18-218 // CNVD: CNVD-2018-07464 // BID: 103529 // JVNDB: JVNDB-2018-002787 // CNNVD: CNNVD-201803-578 // NVD: CVE-2018-6231

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-6231
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-6231
value: CRITICAL

Trust: 0.8

ZDI: CVE-2018-6231
value: HIGH

Trust: 0.7

CNVD: CNVD-2018-07464
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201803-578
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2018-6231
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2018-6231
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2018-07464
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-6231
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-18-218 // CNVD: CNVD-2018-07464 // JVNDB: JVNDB-2018-002787 // CNNVD: CNNVD-201803-578 // NVD: CVE-2018-6231

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:CWE-77

Trust: 0.8

sources: JVNDB: JVNDB-2018-002787 // NVD: CVE-2018-6231

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-578

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-201803-578

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002787

PATCH

title: 1119385 url: https://success.trendmicro.com/solution/1119385

Trust: 1.5

title: Trend Micro Smart Protection Server (Standalone) privilege escalation vulnerability patch url: https://www.cnvd.org.cn/patchInfo/show/125375

Trust: 0.6

title: Trend Micro Smart Protection Server (Standalone) Security vulnerabilities url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79214

Trust: 0.6

sources: ZDI: ZDI-18-218 // CNVD: CNVD-2018-07464 // JVNDB: JVNDB-2018-002787 // CNNVD: CNNVD-201803-578

EXTERNAL IDS

db: NVD id: CVE-2018-6231

Trust: 4.0

db: ZDI id: ZDI-18-218

Trust: 2.6

db: JVNDB id: JVNDB-2018-002787

Trust: 0.8

db: ZDI_CAN id: ZDI-CAN-5625

Trust: 0.7

db: CNVD id: CNVD-2018-07464

Trust: 0.6

db: CNNVD id: CNNVD-201803-578

Trust: 0.6

db: BID id: 103529

Trust: 0.3

sources: ZDI: ZDI-18-218 // CNVD: CNVD-2018-07464 // BID: 103529 // JVNDB: JVNDB-2018-002787 // CNNVD: CNNVD-201803-578 // NVD: CVE-2018-6231

REFERENCES

url:https://success.trendmicro.com/solution/1119385

Trust: 3.2

url:https://www.zerodayinitiative.com/advisories/zdi-18-218/

Trust: 1.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6231

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-6231

Trust: 0.8

url:http://www.trend.com

Trust: 0.3

sources: ZDI: ZDI-18-218 // CNVD: CNVD-2018-07464 // BID: 103529 // JVNDB: JVNDB-2018-002787 // CNNVD: CNNVD-201803-578 // NVD: CVE-2018-6231

CREDITS

Alain Homewood (Insomnia Security)

Trust: 1.0

sources: ZDI: ZDI-18-218 // BID: 103529

SOURCES

db: ZDI id: ZDI-18-218
db: CNVD id: CNVD-2018-07464
db: BID id: 103529
db: JVNDB id: JVNDB-2018-002787
db: CNNVD id: CNNVD-201803-578
db: NVD id: CVE-2018-6231

LAST UPDATE DATE

2024-11-23T22:12:38.068000+00:00


SOURCES UPDATE DATE

db: ZDI id: ZDI-18-218 date: 2018-02-28T00:00:00
db: CNVD id: CNVD-2018-07464 date: 2018-04-11T00:00:00
db: BID id: 103529 date: 2018-02-28T00:00:00
db: JVNDB id: JVNDB-2018-002787 date: 2018-05-01T00:00:00
db: CNNVD id: CNNVD-201803-578 date: 2019-10-23T00:00:00
db: NVD id: CVE-2018-6231 date: 2024-11-21T04:10:20.827

SOURCES RELEASE DATE

db: ZDI id: ZDI-18-218 date: 2018-02-28T00:00:00
db: CNVD id: CNVD-2018-07464 date: 2018-04-11T00:00:00
db: BID id: 103529 date: 2018-02-28T00:00:00
db: JVNDB id: JVNDB-2018-002787 date: 2018-05-01T00:00:00
db: CNNVD id: CNNVD-201803-578 date: 2018-03-16T00:00:00
db: NVD id: CVE-2018-6231 date: 2018-03-15T19:29:01.280