Vulnerability Details CVE-2017-14084
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.101
EPSS Ranking 95.1%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
- http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
- http://packetstormsecurity.com/files/144400/TrendMicro-OfficeScan-11.0-XG-12.0-Man-In-The-Middle.html
- http://seclists.org/fulldisclosure/2017/Sep/87
- http://www.securityfocus.com/archive/1/541264/100/0/threaded
- http://www.securityfocus.com/archive/1/541275/100/0/threaded
- http://www.securityfocus.com/bid/101072
- http://www.securitytracker.com/id/1039500
- https://success.trendmicro.com/solution/1118372
- https://www.exploit-db.com/exploits/42891/
- http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
- http://packetstormsecurity.com/files/144400/TrendMicro-OfficeScan-11.0-XG-12.0-Man-In-The-Middle.html
- http://seclists.org/fulldisclosure/2017/Sep/87
- http://www.securityfocus.com/archive/1/541264/100/0/threaded
- http://www.securityfocus.com/archive/1/541275/100/0/threaded
- http://www.securityfocus.com/bid/101072
- http://www.securitytracker.com/id/1039500
- https://success.trendmicro.com/solution/1118372
- https://www.exploit-db.com/exploits/42891/
Products affected by CVE-2017-14084
-
cpe:2.3:a:trendmicro:officescan:11.0
-
cpe:2.3:a:trendmicro:officescan:12.0