NVD

Id
82853  
Name
CVE-2016-9314  
Description
Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto their local machine. This backup file contains sensitive information like passwd/shadow files, RSA certificates, Private Keys and Default Passphrase, etc. This was resolved in Version 6.5 CP 1737.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2017-02-28  
Published
2017-02-21  
Modified Date
2017-02-23  
Seq
2016-9314  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
407766 82853 CVE-2016-8678 [oss-security] 20161015 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)  View
407767 82853 CVE-2016-8678 [oss-security] 20161208 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)  View
407768 82853 CVE-2016-8678 93599  View
407769 82853 CVE-2016-8678 https://bugzilla.redhat.com/show_bug.cgi?id=1385694  View
407770 82853 CVE-2016-8678 https://github.com/ImageMagick/ImageMagick/issues/272  View

Related JVN