Vulnerability Details CVE-2017-14084
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.11
EPSS Ranking 93.2%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
- http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
- http://packetstormsecurity.com/files/144400/TrendMicro-OfficeScan-11.0-XG-12.0-Man-In-The-Middle.html
- http://seclists.org/fulldisclosure/2017/Sep/87
- http://www.securityfocus.com/archive/1/541264/100/0/threaded
- http://www.securityfocus.com/archive/1/541275/100/0/threaded
- http://www.securityfocus.com/bid/101072
- http://www.securitytracker.com/id/1039500
- https://success.trendmicro.com/solution/1118372
- https://www.exploit-db.com/exploits/42891/
- http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
- http://packetstormsecurity.com/files/144400/TrendMicro-OfficeScan-11.0-XG-12.0-Man-In-The-Middle.html
- http://seclists.org/fulldisclosure/2017/Sep/87
- http://www.securityfocus.com/archive/1/541264/100/0/threaded
- http://www.securityfocus.com/archive/1/541275/100/0/threaded
- http://www.securityfocus.com/bid/101072
- http://www.securitytracker.com/id/1039500
- https://success.trendmicro.com/solution/1118372
- https://www.exploit-db.com/exploits/42891/
Products affected by CVE-2017-14084
-
cpe:2.3:a:trendmicro:officescan:11.0
-
cpe:2.3:a:trendmicro:officescan:12.0