APP: Trend Micro Control Manager cmdHandlerLicenseManager SQL Injection

This signature detects attempts to exploit a known vulnerability in the Trend Micro Control Manager. Successful exploitation of this vulnerability, in conjunction with other vulnerabilities, could lead to code execution under the security context of the database.

Extended Description

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Formerly ZDI-CAN-4561.

Affected Products

Trendmicro control_manager

References

BugTraq: 100078

CVE: CVE-2017-11384

Short Name
APP:MISC:TREND-MICRO-CM-SQLI
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
CVE-2017-11384 Control Injection Manager Micro SQL Trend bid:100078 cmdHandlerLicenseManager
Release Date
08/21/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
Port
TCP/20101,20102
False Positive
Unknown
Vendors

Trendmicro

CVSS Score

7.5
