Vulnerability Details CVE-2009-0613
Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 71.0%
CVSS Severity
CVSS v2 Score 6.0
References
- http://secunia.com/advisories/33867
- http://www.securitytracker.com/id?1021694
- http://www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237_EN.txt
- http://www.vupen.com/english/advisories/2009/0369
- http://secunia.com/advisories/33867
- http://www.securitytracker.com/id?1021694
- http://www.trendmicro.com/ftp/documentation/readme/iwss_31_win_en_readme_CP_1237_EN.txt
- http://www.vupen.com/english/advisories/2009/0369
Products affected by CVE-2009-0613
-
cpe:2.3:a:trendmicro:interscan_web_security_suite:3.1