Details of VAR-202406-0123

ID

VAR-202406-0123

CVE

CVE-2024-36359

TITLE

Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability

Trust: 0.7

sources: ZDI: ZDI-24-574

DESCRIPTION

A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Authentication is required to exploit this vulnerability.The specific flaw exists within the HTTP Inspection component. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user

Trust: 2.07

sources: NVD: CVE-2024-36359 // ZDI: ZDI-24-574 // CNVD: CNVD-2024-40821

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-40821

AFFECTED PRODUCTS

vendor:	trendmicro	model:	interscan web security virtual appliance	scope:	eq	version:	6.5	Trust: 1.0
vendor:	trend micro	model:	interscan web security virtual appliance	scope:	-	version:	-	Trust: 0.7
vendor:	trend micro	model:	interscan web security virtual appliance	scope:	eq	version:	6.5	Trust: 0.6

sources: ZDI: ZDI-24-574 // CNVD: CNVD-2024-40821 // NVD: CVE-2024-36359

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-36359
value:	MEDIUM
Trust: 1.0
security@trendmicro.com:	CVE-2024-36359
value:	MEDIUM
Trust: 1.0
ZDI:	CVE-2024-36359
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2024-40821
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2024-40821
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2024-36359
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.3
impactScore:	2.7
version:	3.1
Trust: 2.0
ZDI:	CVE-2024-36359
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.3
impactScore:	2.7
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-24-574 // CNVD: CNVD-2024-40821 // NVD: CVE-2024-36359 // NVD: CVE-2024-36359

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.0

sources: NVD: CVE-2024-36359

PATCH

title:	Trend Micro has issued an update to correct this vulnerability.	url:	https://success.trendmicro.com/dcx/s/solution/000298065	Trust: 0.7
title:	Patch for Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Vulnerability (CNVD-2024-40821)	url:	https://www.cnvd.org.cn/patchInfo/show/599626	Trust: 0.6

sources: ZDI: ZDI-24-574 // CNVD: CNVD-2024-40821

EXTERNAL IDS

db:	NVD	id:	CVE-2024-36359	Trust: 2.3
db:	ZDI	id:	ZDI-24-574	Trust: 1.7
db:	ZDI_CAN	id:	ZDI-CAN-21495	Trust: 0.7
db:	CNVD	id:	CNVD-2024-40821	Trust: 0.6

sources: ZDI: ZDI-24-574 // CNVD: CNVD-2024-40821 // NVD: CVE-2024-36359

REFERENCES

url:	https://success.trendmicro.com/dcx/s/solution/000298065	Trust: 1.7
url:	https://www.zerodayinitiative.com/advisories/zdi-24-574/	Trust: 1.0
url:	https://cxsecurity.com/cveshow/cve-2024-36359/	Trust: 0.6

sources: ZDI: ZDI-24-574 // CNVD: CNVD-2024-40821 // NVD: CVE-2024-36359

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-24-574

SOURCES

db:	ZDI	id:	ZDI-24-574
db:	CNVD	id:	CNVD-2024-40821
db:	NVD	id:	CVE-2024-36359

LAST UPDATE DATE

2024-10-18T03:53:57.834000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-24-574	date:	2024-07-01T00:00:00
db:	CNVD	id:	CNVD-2024-40821	date:	2024-10-16T00:00:00
db:	NVD	id:	CVE-2024-36359	date:	2024-10-03T19:49:00.337

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-24-574	date:	2024-06-06T00:00:00
db:	CNVD	id:	CNVD-2024-40821	date:	2024-10-16T00:00:00
db:	NVD	id:	CVE-2024-36359	date:	2024-06-10T22:15:11.413