Vulnerability Details CVE-2020-27693
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.6%
CVSS Severity
CVSS v3 Score 4.4
CVSS v2 Score 2.1
References
- https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/
- https://success.trendmicro.com/solution/000279833
- https://sec-consult.com/en/blog/advisories/vulnerabilities-in-trend-micro-interscan-messaging-security-virtual-appliance-imsva/
- https://success.trendmicro.com/solution/000279833
Products affected by CVE-2020-27693
-
cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:8.5.1.1516
-
cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.0
-
cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.1
-
cpe:2.3:o:microsoft:windows:-