CVE-2018-6219

Description

An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.

Affected products

• Trend Micro / Trend Micro Email Encryption Gateway5.5 – 5.5

References

• EXPLOIThttps://www.exploit-db.com/exploits/44166/
• MISChttps://success.trendmicro.com/solution/1119349
• VENDOR_ADVISORYhttps://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities