Description
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- partial
- Integrity
- partial
- Availability
- partial
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- TREND_MICRO
- Published
- 3/2/2007
- Last Modified
- 4/9/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
trend_micro : serverprotecttrend_micro : serverprotecttrend_micro : serverprotect
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.