Intrusion Prevention

TrendMicro.Email.Encryption.Gateway.Authentication.Bypass

Description

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Trend Micro Email Encryption Gateway.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted HTTP request. A remote attacker may be able to exploit this to bypass authentication on vulnerable systems.

Affected Products

Trend Micro Email Encryption Gateway version 5.5 Build 1111 and below

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://success.trendmicro.com/solution/1119349

CVE References

CVE-2018-6223 CVE-2018-6222

Other References

44166 1119349