Medium severity6.5NVD Advisory· Published Apr 5, 2017· Updated Jun 17, 2026
CVE-2017-6338
CVE-2017-6338
Description
Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or modify reports, or upload an HTTPS Decryption Certificate and Private Key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:trendmicro:interscan_web_security_virtual_appliance:*:*:*:*:*:*:*:*Range: <=6.5
Patches
Vulnerability mechanics
References
3- success.trendmicro.com/solution/1116960nvdPatchVendor Advisory
- www.qualys.com/2017/01/12/qsa-2017-01-12/qsa-2017-01-12.pdfnvdExploitTechnical DescriptionThird Party Advisory
- www.securityfocus.com/bid/97482nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.