CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6231

A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.211

EPSS Ranking 95.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-6231

Trendmicro » Smart Protection Server » Version: 2.5

cpe:2.3:a:trendmicro:smart_protection_server:2.5
Trendmicro » Smart Protection Server » Version: 2.6

cpe:2.3:a:trendmicro:smart_protection_server:2.6
Trendmicro » Smart Protection Server » Version: 3.0

cpe:2.3:a:trendmicro:smart_protection_server:3.0
Trendmicro » Smart Protection Server » Version: 3.1

cpe:2.3:a:trendmicro:smart_protection_server:3.1
Trendmicro » Smart Protection Server » Version: 3.2

cpe:2.3:a:trendmicro:smart_protection_server:3.2
Trendmicro » Smart Protection Server » Version: 3.3

cpe:2.3:a:trendmicro:smart_protection_server:3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6231

Products

Pricing

Contact Us