HTTP: Trend Micro Mobile Security Enterprise eas_agent_unregister slink_id SQL Injection
This signature detects attempts to exploit a known vulnerability in Trend Micro Mobile Security Enterprise. Successful exploitation of this vulnerability can lead to remote code execution in the context of SYSTEM.
Extended Description
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
Affected Products
Trendmicro mobile_security
Short Name
HTTP:MISC:TREND-MICRO-MSE-SQLI
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-14078 Enterprise Injection Micro Mobile SQL Security Trend bid:100966 eas_agent_unregister slink_id
Release Date
10/10/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3693
False Positive
Unknown
Vendors
Trendmicro
CVSS Score
10.0