Vulnerability Details CVE-2018-10507
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. An attacker must already have administrator privileges in order to exploit this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.9%
CVSS Severity
CVSS v3 Score 4.4
CVSS v2 Score 2.1
References
- http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-v11.0-UNAUTHORIZED-CHANGE-PREVENTION-SERVICE-BYPASS.txt
- https://success.trendmicro.com/solution/1119961
- https://www.exploit-db.com/exploits/44858/
- http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-v11.0-UNAUTHORIZED-CHANGE-PREVENTION-SERVICE-BYPASS.txt
- https://success.trendmicro.com/solution/1119961
- https://www.exploit-db.com/exploits/44858/
Products affected by CVE-2018-10507
-
cpe:2.3:a:trendmicro:officescan:11.0
-
cpe:2.3:a:trendmicro:officescan:xg