CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9488

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.3%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

https://success.trendmicro.com/solution/1122900
https://success.trendmicro.com/solution/1122900

Products affected by CVE-2019-9488

Trendmicro » Deep Security Manager » Version: 10.0

cpe:2.3:a:trendmicro:deep_security_manager:10.0
Trendmicro » Deep Security Manager » Version: 11.0

cpe:2.3:a:trendmicro:deep_security_manager:11.0
Trendmicro » Deep Security Manager » Version: 11.3

cpe:2.3:a:trendmicro:deep_security_manager:11.3
Trendmicro » Vulnerability Protection » Version: 2.0

cpe:2.3:a:trendmicro:vulnerability_protection:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9488

Products

Pricing

Contact Us