Vulnerabilities > CVE-2020-27693 - Use of Password Hash With Insufficient Computational Effort vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 8.5.1.1516/9.0/9.1

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
trendmicro
CWE-916
NVD
Published: 2020-11-09
Updated: 2020-11-24

Summary

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated.

Vulnerable Configurations

Part Description Count
Application
Trendmicro
5
OS
Microsoft
1

Common Weakness Enumeration (CWE)

References