Trendmicro Smart Protection Server — known CVE vulnerabilities
Every CVE whose affected-product data names Trendmicro Smart Protection Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2018-6231 — CVSS 9.8 (critical): A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and…
CVE-2017-14094 — CVSS 9.8 (critical): A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote…
CVE-2017-14097 — CVSS 9.8 (critical): An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker…
CVE-2016-6269 — CVSS 9.1 (critical): Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0…
CVE-2016-6266 — CVSS 8.8 (high): ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows…
CVE-2016-6267 — CVSS 8.8 (high): SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote…
CVE-2017-11395 — CVSS 8.8 (high): Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers…
CVE-2017-11398 — CVSS 8.8 (high): A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow…
CVE-2018-10350 — CVSS 8.8 (high): A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker…
CVE-2017-14095 — CVSS 8.1 (high): A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote…
CVE-2016-6268 — CVSS 7.8 (high): Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to…
CVE-2018-6237 — CVSS 7.5 (high): A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the…
CVE-2017-14096 — CVSS 6.1 (medium): A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an…