CVE-2016-9315 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-9315

CWE

https://cwe.mitre.org/data/definitions/264.html

Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to change Master Admins password and/or add new admin accounts. This was resolved in Version 6.5 CP 1737.

Affected Software

Name	Vendor	Start Version	End Version
Interscan_web_security_virtual_appliance	Trendmicro	*	6.5 (including)

References

http://www.securityfocus.com/bid/96252
http://www.securitytracker.com/id/1037849
https://success.trendmicro.com/solution/1116672