CVE-2020-15601 - OpenCVE

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:H/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Trendmicro	Deep Security Manager Vulnerability Protection

Configuration 1 [-]

AND

OR	cpe:2.3:a:trendmicro:deep_security_manager:10.0:-::::::
	cpe:2.3:a:trendmicro:deep_security_manager:11.0:-::::::
	cpe:2.3:a:trendmicro:deep_security_manager:12.0:-::::::
	cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://success.trendmicro.com/solution/000252039
https://www.zerodayinitiative.com/advisories/ZDI-20-1077/

History

No history.

MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2020-08-27T20:35:18

Updated: 2024-08-04T13:22:30.378Z

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15601

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-08-27T21:15:12.227

Modified: 2020-09-03T15:06:17.360

Link: CVE-2020-15601

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Trend Micro Deep Security", "vendor": "Trend Micro", "versions": [{"status": "affected", "version": "10.0, 11.0, 12.0"}]}], "descriptions": [{"lang": "en", "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."}], "problemTypes": [{"descriptions": [{"description": "Authentication Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-27T20:35:18", "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://success.trendmicro.com/solution/000252039"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@trendmicro.com", "ID": "CVE-2020-15601", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trend Micro Deep Security", "version": {"version_data": [{"version_value": "10.0, 11.0, 12.0"}]}}]}, "vendor_name": "Trend Micro"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Authentication Bypass"}]}]}, "references": {"reference_data": [{"name": "https://success.trendmicro.com/solution/000252039", "refsource": "MISC", "url": "https://success.trendmicro.com/solution/000252039"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:30.378Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://success.trendmicro.com/solution/000252039"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"}]}]}, "cveMetadata": {"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "assignerShortName": "trendmicro", "cveId": "CVE-2020-15601", "datePublished": "2020-08-27T20:35:18", "dateReserved": "2020-07-07T00:00:00", "dateUpdated": "2024-08-04T13:22:30.378Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:10.0:-:*:*:*:*:*:*", "matchCriteriaId": "591F99B9-037F-49F2-90C9-C9327465ED3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:11.0:-:*:*:*:*:*:*", "matchCriteriaId": "BFDDD30A-3F6D-4611-A7EC-D66BC481D59D", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:deep_security_manager:12.0:-:*:*:*:*:*:*", "matchCriteriaId": "75D9AC7B-D110-417F-BC90-A70083D6935F", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:vulnerability_protection:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "E338E06A-643E-4655-BF0B-FB8A2C304458", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability."}, {"lang": "es", "value": "Si la autenticaci\u00f3n LDAP est\u00e1 habilitada, una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n LDAP en Trend Micro Deep Security versiones 10.x-12.x, podr\u00eda permitir a un atacante no autenticado con conocimiento previo de la organizaci\u00f3n objetivo omitir la autenticaci\u00f3n del administrador. Habilitar la autenticaci\u00f3n multifactorial impide este ataque. Las instalaciones que usan la autenticaci\u00f3n nativa del administrador o la autenticaci\u00f3n SAML no est\u00e1n afectadas por esta vulnerabilidad"}], "id": "CVE-2020-15601", "lastModified": "2020-09-03T15:06:17.360", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-27T21:15:12.227", "references": [{"source": "security@trendmicro.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000252039"}, {"source": "security@trendmicro.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1077/"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}