Vulnerabilities > Trendmicro > Deep Discovery Director

DATE CVE VULNERABILITY TITLE RISK
2017-08-01 CVE-2017-11381 OS Command Injection vulnerability in Trendmicro Deep Discovery Director 1.1
A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console.
network
low complexity
trendmicro CWE-78
critical
9.8
2017-08-01 CVE-2017-11380 Use of Hard-coded Credentials vulnerability in Trendmicro Deep Discovery Director 1.1
Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1.
network
low complexity
trendmicro CWE-798
critical
9.8
2017-08-01 CVE-2017-11379 Insufficient Verification of Data Authenticity vulnerability in Trendmicro Deep Discovery Director 1.1
Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1.
network
low complexity
trendmicro CWE-345
7.5