Deep Discovery Director
by Trend Micro
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11381 | Cri | 0.64 | 9.8 | 0.03 | Aug 1, 2017 | A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console. | ||
| CVE-2017-11380 | Cri | 0.64 | 9.8 | 0.01 | Aug 1, 2017 | Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1. | ||
| CVE-2017-11379 | Hig | 0.49 | 7.5 | 0.00 | Aug 1, 2017 | Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1. |
- risk 0.64cvss 9.8epss 0.03
A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console.
- risk 0.64cvss 9.8epss 0.01
Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1.
- risk 0.49cvss 7.5epss 0.00
Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1.