Deep Discovery Inspector (DDI) Authentication Bypass (CVE-2015-2873) and Cross-Site Scripting (XSS) Vulnerability (CVE-2015-2872)

  • Updated:
    • 23 Jun 2016
  • Product/Version:
    • Deep Discovery Inspector 3.5
    • Deep Discovery Inspector 3.6
    • Deep Discovery Inspector 3.7
    • Deep Discovery Inspector 3.8
  • Platform:
    • N/A
Summary

Trend Micro has received reports that Deep Discovery Inspector is vulnerable to the following:

CVE-2015-2872

Deep Discovery Inspector is vulnerable to XSS attacks that could allow an unauthenticated user to execute malicious content.

  • On some legacy browsers such as IE 7 with a low Security Level, Deep Discovery Inspector is vulnerable to XSS that allows an unauthenticated user to execute malicious content through index.php.
  • The widget implementation is vulnerable to XSS that allows an unauthenticated user to execute malicious content.
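The two XSS findings above share one root cause: request data is written into the page without being encoded for its HTML context. The following added illustration (not Trend Micro code; the product UI is PHP, this is a Python stand-in) shows a handler that echoes a query parameter verbatim beside the output-encoded fix, plus a small regression check a defender can run against rendered output. The parameter name, page template and sample query string are constructed for this example.

```python
"""Added illustration (not Trend Micro code): reflected XSS from unencoded
parameter echo, beside the output-encoded fix and a regression check.
Parameter name, template and sample input are constructed for this example."""
import html
from urllib.parse import parse_qs

# Constructed sample request: an attacker-controlled query string.  The
# product's real parameter names are not published; "q" is a stand-in.
SAMPLE_QUERY = "q=<script>alert(1)</script>"

# Constructed page; {value} is the only place user input lands (HTML text context).
PAGE_TEMPLATE = (
    "<html><body><h1>Search</h1>"
    "<p>You searched for: {value}</p></body></html>"
)


def _first_param(query_string: str, name: str) -> str:
    """Return the first value of a query parameter, or '' if absent."""
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def render_vulnerable(query_string: str) -> str:
    """Interpolates the parameter verbatim: attacker HTML becomes page HTML."""
    return PAGE_TEMPLATE.format(value=_first_param(query_string, "q"))


def render_hardened(query_string: str) -> str:
    """Encodes <, >, &, ' and " for an HTML text context before interpolation."""
    encoded = html.escape(_first_param(query_string, "q"), quote=True)
    return PAGE_TEMPLATE.format(value=encoded)


def injected_tags(rendered: str, template: str = PAGE_TEMPLATE) -> int:
    """Regression check: count '<' characters in the response beyond those the
    template itself contributes.  Anything above zero means user input reached
    the page as live markup rather than as text."""
    return rendered.count("<") - template.count("<")


if __name__ == "__main__":
    print("vulnerable :", injected_tags(render_vulnerable(SAMPLE_QUERY)), "injected tag(s)")
    print("hardened   :", injected_tags(render_hardened(SAMPLE_QUERY)), "injected tag(s)")
```

The check in `injected_tags` is deliberately template-relative rather than payload-specific, so it catches any input that survives with angle brackets intact, not just the one sample string; it only covers an HTML text context, and input placed into attributes, URLs or script blocks needs the encoding appropriate to that context.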

CVE-2015-2873

Certain Deep Discovery Inspector URLs including the system log and whitelist/blacklist are accessible to a non-administrator user because the pages do not properly check for authorization. An unauthenticated user without administrator privileges may thus gain access to and modify certain system configuration settings.
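The defect described for CVE-2015-2873 is the classic pattern of authorization being left to each page, so that a page that forgets the check is reachable by anyone. As an added illustration (not Trend Micro code; routes, roles, session shape and the configuration store are all constructed for this example), the block below shows a dispatcher with per-handler checks where two handlers lack them, beside a dispatcher that declares the required role per route in one table and enforces it before any handler runs, denying unknown routes and unauthenticated sessions by default.

```python
"""Added illustration (not Trend Micro code): missing per-page authorization
checks beside a centrally enforced, default-deny dispatcher.  All routes,
roles and state are constructed for this example."""
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional

ROLE_RANK = {"viewer": 1, "admin": 2}  # constructed role hierarchy


@dataclass
class Request:
    path: str
    method: str = "GET"
    session: Optional[dict] = None  # None = unauthenticated; else {"user": ..., "role": ...}
    body: dict = field(default_factory=dict)


@dataclass
class Response:
    status: int
    body: str = ""


def fresh_state() -> dict:
    """Constructed configuration store that the pages read and modify."""
    return {"whitelist": ["10.0.0.0/8"], "system_log": ["boot ok"]}


def page_dashboard(req: Request, state: dict) -> Response:
    return Response(200, "dashboard")


def page_system_log(req: Request, state: dict) -> Response:
    return Response(200, "\n".join(state["system_log"]))


def page_whitelist(req: Request, state: dict) -> Response:
    if req.method == "POST":  # a write: modifies system configuration
        state["whitelist"].append(req.body.get("entry", ""))
    return Response(200, ",".join(state["whitelist"]))


ROUTES: Dict[str, Callable[[Request, dict], Response]] = {
    "/index.php": page_dashboard,
    "/system_log.php": page_system_log,
    "/whitelist.php": page_whitelist,
}


def is_admin(req: Request) -> bool:
    return req.session is not None and req.session.get("role") == "admin"


def dispatch_vulnerable(req: Request, state: dict) -> Response:
    """Each page is trusted to check for itself; only the dashboard does.
    The log and whitelist pages are therefore served to anyone."""
    handler = ROUTES.get(req.path)
    if handler is None:
        return Response(404)
    if req.path == "/index.php" and not is_admin(req):
        return Response(403)
    return handler(req, state)


# Minimum role per route, declared once and consulted before every handler.
REQUIRED_ROLE = {
    "/index.php": "viewer",
    "/system_log.php": "admin",
    "/whitelist.php": "admin",
}


def dispatch_hardened(req: Request, state: dict) -> Response:
    """Central, default-deny authorization: unknown route -> 404, no session ->
    401, insufficient role -> 403.  Handlers never run before the check."""
    handler = ROUTES.get(req.path)
    required = REQUIRED_ROLE.get(req.path)
    if handler is None or required is None:
        return Response(404)
    if req.session is None:
        return Response(401)
    have = ROLE_RANK.get(req.session.get("role", ""), 0)
    if have < ROLE_RANK[required]:
        return Response(403)
    return handler(req, state)


if __name__ == "__main__":
    anon = Request("/system_log.php")
    print("vulnerable anon /system_log.php ->", dispatch_vulnerable(anon, fresh_state()).status)
    print("hardened   anon /system_log.php ->", dispatch_hardened(anon, fresh_state()).status)
```

Two design points carry the weight here: the route table and the role table are the same set of keys, so a route that is added without a declared role is unreachable (404) rather than silently open, and the write path (the whitelist POST) is blocked before the handler executes, so an unauthorized request cannot change state even if its response were later filtered.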

Details

To address these issues, Trend Micro has released Critical Patches for all affected versions. Please refer to the list below. All customers using Deep Discovery Inspector are recommended to apply the critical patch as soon as possible.

Affected Deep Discovery Inspector versions and their required updates:

DDI Version              Required Update
3.8 English              Critical Patch B1263
3.8 Japanese             Critical Patch B2047
3.7 English              Critical Patch B1248
3.7 Japanese             Critical Patch B1228
3.7 Simplified Chinese   Critical Patch B1227
3.6 English              Critical Patch B1217
3.5 English              Critical Patch B1477
3.5 Japanese             Critical Patch B1544
3.5 Simplified Chinese   Critical Patch B1433

The Deep Discovery Inspector critical patches can also be downloaded from the Trend Micro Download Center.

Trend Micro would also like to thank John Page (hyp3rlinx.altervista.org) for the responsible disclosure of the issues addressed in this advisory.
