Trend Micro Control Manager cgiShowClientAdm Security Bypass

high Nessus Plugin ID 99730

Synopsis

A CGI application running on the remote host is affected by a security bypass vulnerability.

Description

The version of Trend Micro Control Manager running on the remote host is affected by a security bypass vulnerability when processing calls to the cgiShowClientAdm() web function due to a failure to provide authentication for the functionality that exposes, modifies, or deletes DLP templates involved in filtering. An unauthenticated, remote attacker can exploit this issue to modify the security posture of the underlying product.

Note that this plugin attempts to download a DLP template. Also, Trend Micro Control Manager is reportedly affected by additional vulnerabilities; however, Nessus has not tested for these.

Solution

Upgrade to Trend Micro Control Manager version 6, build 3506.

Note that version 6.0 build 3506 requires version 6.0 SP3 Patch 2 as a prerequisite.

See Also

https://success.trendmicro.com/solution/1116863

https://www.zerodayinitiative.com/advisories/ZDI-17-244/

Plugin Details

Severity: High

ID: 99730

File Name: trendmicro_control_manager_zdi-17-244.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 4/28/2017

Updated: 11/15/2018

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:trend_micro:control_manager

Required KB Items: installed_sw/Trend Micro Control Manager

Exploited by Nessus: true

Patch Publication Date: 3/21/2017

Vulnerability Publication Date: 4/5/2017

Reference Information

BID: 97541