Published:2024/10/21 Last Updated:2024/10/21
JVNVU#93072012
Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector
Overview
Trend Micro Incorporated has released a security update for Trend Micro Deep Discovery Inspector.
Products Affected
- Trend Micro Deep Discovery Inspector versions 5.8 to 6.5
- Trend Micro Deep Discovery Inspector versions prior to 6.6 builds 1097
- Trend Micro Deep Discovery Inspector versions prior to 6.7 builds 1107
Description
Trend Micro Incorporated has released a security update for Trend Micro Deep Discovery Inspector.
Impact
- Information disclosure due to multiple SQL injection vulnerabilities (CVE-2024-46902, CVE-2024-46903)
Solution
Apply the Patch
Apply the patch according to the information provided by the developer.
The developer has released the patches listed below that contain fixes for these vulnerabilities.
- Trend Micro Deep Discovery Inspector 6.6 CP 1097
- Trend Micro Deep Discovery Inspector 6.7 CP 1107
Vendor Status
Vendor | Link |
Trend Micro Incorporated | SECURITY BULLETIN: Trend Micro Deep Discovery Inspector Information Disclosure Vulnerabilities |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.