Published:2020/11/27 Last Updated:2020/11/27
JVNVU#98890246
Multiple vulnerabilities in Trend Micro InterScan Messaging Virtual Appliance (IMSVA)
Overview
Trend Micro InterScan Messaging Virtual Appliance (IMSVA) provided by Trend Micro Incorporated contains multiple vulnerabilities.
Products Affected
- InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 CP B2025
Description
InterScan Messaging Security Virtual Appliance (IMSVA) provided by Trend Micro Incorporated contains the multiple vulnerabilities listed below.
- Cross-site request forgery (CWE-352) - CVE-2020-27016
  CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.5
- Improper restriction of XML external entity processing (XXE) (CWE-611) - CVE-2020-27017
  CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L Base Score: 5.7
- Server side request forgery (CWE-918) - CVE-2020-27018
  CVSS v3 CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N Base Score: 2.0
- Information disclosure (CWE-200) - CVE-2020-27019
  CVSS v3 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Base Score: 4.8
- Use of password hash with insufficient computational effort (CWE-916) - CVE-2020-27693
  CVSS v3 CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L Base Score: 3.1
- Use of unmaintained third party libraries (CWE-1104) - CVE-2020-27694
  CVSS v3 CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L Base Score: 4.6
Impact
- A remote attacker may alter policy rules such as malware checks and/or email filtering rules - CVE-2020-27016
- A remote attacker who obtained administrative privileges may read arbitrary local files on the product - CVE-2020-27017
- An attacker who obtained administrative privileges may abuse the product's web server and grant access to web resources and/or parts of local files - CVE-2020-27018
- An attacker may obtain specific information and/or keys in the product's database - CVE-2020-27019
- An attacker may decipher a user's password, due to the product's weak password hash algorithm - CVE-2020-27693
- A remote attacker may abuse the vulnerabilities in the outdated third party libraries used in the product - CVE-2020-27694
Solution
Apply the patch
Apply the appropriate patch according to the information provided by the developer.
Apply workaround
Applying the following workaround may mitigate the impacts of these vulnerabilities.
- Block access from outside to the following ports.
- 8445/TCP
- 8446/TCP
- 8447/TCP
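One way to carry out the port-blocking workaround above on a Linux gateway that sits in front of the appliance, as an added example that is not from the JVN advisory or from Trend Micro: an nftables ruleset that lets only an assumed administrative network reach the three listed TCP ports and logs and drops everything else arriving from outside. The outside-facing interface name, the admin CIDR and the appliance's IPv4 address are placeholders supplied by the caller.

```shell
#!/bin/sh
# Added example, not from the JVN advisory or Trend Micro. Generates an
# nftables ruleset for a Linux gateway that forwards traffic to the IMSVA
# appliance, so that only an assumed administrative network can reach the
# three TCP ports the advisory's workaround says to block from outside.
# Assumed placeholders: the outside-facing interface, the trusted admin
# CIDR and the appliance's IPv4 address are all supplied by the caller.

IMSVA_PORTS="8445, 8446, 8447"   # the ports listed in the advisory's workaround

# Shape-check an IPv4 CIDR so a typo cannot silently widen the allow-list.
# Returns 0 when the argument looks like a.b.c.d/nn with a prefix of 0-32.
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Emit the ruleset as text. Arguments: admin CIDR, outside interface,
# appliance IPv4 address. Nothing is applied here; the caller reviews the
# output or pipes it into `nft -f -`.
imsva_mgmt_rules() {
    admin_cidr="$1"; wan_if="$2"; appliance_ip="$3"
    cat <<EOF
table inet imsva_mgmt {
    set admin_nets {
        type ipv4_addr
        flags interval
        elements = { ${admin_cidr} }
    }
    chain forward {
        type filter hook forward priority 0; policy accept;
        # the admin network may reach the advisory's ports on the appliance
        iifname "${wan_if}" ip saddr @admin_nets ip daddr ${appliance_ip} tcp dport { ${IMSVA_PORTS} } accept
        # anything else arriving from outside for those ports is logged and dropped
        iifname "${wan_if}" ip daddr ${appliance_ip} tcp dport { ${IMSVA_PORTS} } log prefix "imsva-mgmt-drop: " drop
    }
}
EOF
}

# Self-check used before applying: both the accept and the drop rule must
# reference the advisory's port set, otherwise the template was edited badly.
count_port_rules() {
    imsva_mgmt_rules "$1" "$2" "$3" | grep -c "tcp dport { ${IMSVA_PORTS} }"
}

# Validate inputs, then load the ruleset atomically with nft (requires root).
apply_imsva_mgmt_rules() {
    valid_cidr "$1" || { echo "invalid admin CIDR: $1" >&2; return 1; }
    valid_cidr "$3/32" || { echo "invalid appliance address: $3" >&2; return 1; }
    [ "$(count_port_rules "$1" "$2" "$3")" -eq 2 ] || { echo "ruleset template is broken" >&2; return 1; }
    imsva_mgmt_rules "$1" "$2" "$3" | nft -f -
}

# Usage (dry run, prints the ruleset): imsva_mgmt_rules 10.0.0.0/24 eth0 192.0.2.10
# Usage (apply on the gateway):        apply_imsva_mgmt_rules 10.0.0.0/24 eth0 192.0.2.10
```

The ruleset is generated and checked before it is loaded so that a mistyped CIDR or a damaged template fails closed rather than quietly exposing the ports; the drop rule logs with a fixed prefix so attempts from outside show up in the gateway's log for the incident-response side.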
Vendor Status
- Trend Micro Incorporated: SECURITY BULLETIN: Multiple Vulnerabilities in Trend Micro InterScan Messaging Virtual Appliance (IMSVA) 9.1
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Other Information
CVE
- CVE-2020-27016
- CVE-2020-27017
- CVE-2020-27018
- CVE-2020-27019
- CVE-2020-27693
- CVE-2020-27694