Short Name |
HTTP:SQL:INJ:TM-MSE-ID-SQLI |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Trend Micro Mobile Security Enterprise get_dep_profile id SQL Injection |
Release Date |
2018/01/16 |
Update Number |
3026 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Trend Micro Mobile Security Enterprise. Successful exploitation of this vulnerability can lead to remote code execution in the context of SYSTEM.
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.