Trend Micro Update
1665Warning Date
Severity Level
Warning Number
Target Sector
16 December, 2020
● High
2020-2205
All
Description:
Trend Micro has released a security update to address multiple vulnerabilities in the following product:
- Trend Micro InterScan Web Security Virtual Appliance (IWSVA) - Virtual Appliance
- 6.5 SP2
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Cross-site request forgery (CSRF)
- Cross-site scripting (XSS) attack
- Authorization/authentication bypass
- Command injection
Best practice and Recommendations:
The CERT team encourages users to review Trend Micro security advisory and apply the necessary update: