CVE-2020-15605

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.

CVSS v3 8.1 HIGH
CVSS v2.0 5.1 MEDIUM

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

5.1^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://success.trendmicro.com/solution/000252039	Patch Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1083/	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:trendmicro:deep_security_manager:10.0:-::::::
	cpe:2.3:a:trendmicro:deep_security_manager:11.0:-::::::
	cpe:2.3:a:trendmicro:deep_security_manager:12.0:-::::::
	cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-08-27 21:15

Updated : 2024-02-28 17:47

NVD link : CVE-2020-15605

Mitre link : CVE-2020-15605

CVE.ORG link : CVE-2020-15605

JSON object : View

Products Affected

trendmicro

deep_security_manager
vulnerability_protection

microsoft

windows

CWE

CWE-287

Improper Authentication

{"id": "CVE-2020-15605", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2020-08-27T21:15:12.290", "references": [{"url": "https://success.trendmicro.com/solution/000252039", "tags": ["Patch", "Vendor Advisory"], "source": "security@trendmicro.com"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1083/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@trendmicro.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."}, {"lang": "es", "value": "Si la autenticaci\u00f3n LDAP est\u00e1 habilitada, una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n LDAP en Trend Micro Vulnerability Protection versi\u00f3n 2.0 SP2, podr\u00eda permitir a un atacante no autenticado con conocimiento previo de la organizaci\u00f3n objetivo omitir la autenticaci\u00f3n del administrador. Habilitar la autenticaci\u00f3n multifactorial impide este ataque. Las instalaciones que usan la autenticaci\u00f3n nativa del administrador o la autenticaci\u00f3n SAML no est\u00e1n afectadas por esta vulnerabilidad"}], "lastModified": "2020-09-03T15:15:52.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "591F99B9-037F-49F2-90C9-C9327465ED3C"}, {"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFDDD30A-3F6D-4611-A7EC-D66BC481D59D"}, {"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:12.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75D9AC7B-D110-417F-BC90-A70083D6935F"}, {"criteria": "cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E338E06A-643E-4655-BF0B-FB8A2C304458"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@trendmicro.com"}