VYPR

Deep Discovery Director

by Trend Micro

CVEs (3)

  • CVE-2017-11381CriAug 1, 2017
    risk 0.64cvss 9.8epss 0.03

    A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console.

  • CVE-2017-11380CriAug 1, 2017
    risk 0.64cvss 9.8epss 0.01

    Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1.

  • CVE-2017-11379HigAug 1, 2017
    risk 0.49cvss 7.5epss 0.00

    Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1.