Check Point Advisories

Trend Micro Control Manager CSRF

Check Point Reference: CPAI-2011-127
Date Published: 5 Jan 2012
Severity: Critical
Last Updated: Friday 26 April, 2024
Source:
Protection Provided by:

IPS-1
IPS-1

  • IPS-1 NGX R65

    		•
    Who is Vulnerable? Trend Micro Control Manager 5.0
    Trend Micro Control Manager 5.5
    Vulnerability Description A cross-site request forgery (XSRF) vulnerability has been reported in Trend Micro Control Manager.
    Vulnerability DetailsThe vulnerability is due to an error while handling CasLogDirectInsert.aspx requests. A remote attacker may exploit this vulnerability by enticing a user to open a specially crafted URI. Successful exploitation of this issue will allow the attacker to login to the administrator console and execute commands with the privileges of the affected service.

    Protection Overview

    The protection will block the transfer of HTML documents that contain malicious or malformed links accessing the Trend Micro Control Manager.

    IPS-1 NGX R65 & IPS-1

    1. In the IPS-1 Policy Manager, click on the Protection tab.
    2. In the Protection tree, click Web Intelligence > HTML, and select the Generic HTML Protections protection group.
    3. Click Trend Micro Control Manager CSRF.
    4. In the configuration pane, under Settings, check Active.
    5. Click on Install Policy.

    Upon attack, the following entries will be logged:

    Alert Name: General HTML Alerts
    Description: Trend Micro Control Manager CSRF

    ×
      Feedback
    This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
    OK