CVE-2017-11385 - OpenCVE

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trendmicro	Control Manager

Configuration 1 [-]

cpe:2.3:a:trendmicro:control_manager:6.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/100078
http://www.securitytracker.com/id/1039049
http://www.zerodayinitiative.com/advisories/ZDI-17-495
https://success.trendmicro.com/solution/1117722

History

No history.

MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2017-08-02T21:00:00

Updated: 2024-08-05T18:05:30.596Z

Reserved: 2017-07-17T00:00:00

Link: CVE-2017-11385

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-08-02T21:29:00.260

Modified: 2017-08-06T01:29:00.637

Link: CVE-2017-11385

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-05T09:57:01", "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro"}, "references": [{"name": "100078", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100078"}, {"name": "1039049", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039049"}, {"tags": ["x_refsource_MISC"], "url": "https://success.trendmicro.com/solution/1117722"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-495"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@trendmicro.com", "ID": "CVE-2017-11385", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "100078", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100078"}, {"name": "1039049", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039049"}, {"name": "https://success.trendmicro.com/solution/1117722", "refsource": "MISC", "url": "https://success.trendmicro.com/solution/1117722"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-495", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-495"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:05:30.596Z"}, "title": "CVE Program Container", "references": [{"name": "100078", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/100078"}, {"name": "1039049", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039049"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://success.trendmicro.com/solution/1117722"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-495"}]}]}, "cveMetadata": {"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "assignerShortName": "trendmicro", "cveId": "CVE-2017-11385", "datePublished": "2017-08-02T21:00:00", "dateReserved": "2017-07-17T00:00:00", "dateUpdated": "2024-08-05T18:05:30.596Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:control_manager:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F7E3779-69E4-46AB-94E3-4A81E35A5194", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n SQL en Trend Micro Control Manager 6.0 permite la ejecuci\u00f3n de c\u00f3digo remoto cuando se ejecuta opcode 0x6b1b por no haber una validaci\u00f3n de los datos de entrada del usuario correcta en cmdHandlerStatusMonitor.dll. Anteriormente esta vulnerabilidad ten\u00eda el c\u00f3digo ZDI-CAN-4545."}], "id": "CVE-2017-11385", "lastModified": "2017-08-06T01:29:00.637", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-02T21:29:00.260", "references": [{"source": "security@trendmicro.com", "url": "http://www.securityfocus.com/bid/100078"}, {"source": "security@trendmicro.com", "url": "http://www.securitytracker.com/id/1039049"}, {"source": "security@trendmicro.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-495"}, {"source": "security@trendmicro.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://success.trendmicro.com/solution/1117722"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}