CVE-2017-11398

CVE-2017-11398

Vendor Trend Micro
Product Trend Micro Smart Protection Server (Standalone)
Weakness CWE-285
Published January 19, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.

Key dates

02Disclosure timeline

January 19, 2018 CVE published
August 5, 2024 Record updated