Vulnerability Details CVE-2017-14091
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.6
References
- https://success.trendmicro.com/solution/1118486
- https://www.coresecurity.com/advisories/trend-micro-scanmail-microsoft-exchange-multiple-vulnerabilities
- https://success.trendmicro.com/solution/1118486
- https://www.coresecurity.com/advisories/trend-micro-scanmail-microsoft-exchange-multiple-vulnerabilities
Products affected by CVE-2017-14091
-
cpe:2.3:a:trendmicro:scanmail:12.0