CVE-2018-3600

UNRATED

Description

A external entity processing information disclosure (XXE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to disclose sensitive information on vulnerable installations.

Affected products

Trend Micro / Trend Micro Control Manager6.0 – 6.0

References

VENDOR_ADVISORYhttps://www.zerodayinitiative.com/advisories/ZDI-18-111/
MISChttps://success.trendmicro.com/solution/1119158