If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
Advisories
Source ID Title
EUVD EUVD EUVD-2020-7588 If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this attack. Installations using manager native authentication or SAML authentication are not impacted by this vulnerability.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: trendmicro

Published:

Updated: 2024-08-04T13:22:30.378Z

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15601

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-08-27T21:15:12.227

Modified: 2024-11-21T05:05:50.340

Link: CVE-2020-15601

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.