¡¾Îó²îͨ¸æ¡¿Trend Micro ServerProtect Éí·ÝÑéÖ¤ÈÆ¹ýÎó²î (CVE-2021-36745£©
Ðû²¼Ê±¼ä 2021-09-280x00 Îó²î¸ÅÊö
CVE ID | CVE-2021-36745 | ʱ ¼ä | 2021-09-24 |
Àà ÐÍ | Éí·ÝÑéÖ¤ÈÆ¹ý | µÈ ¼¶ | ÑÏÖØ |
Ô¶³ÌʹÓà | ÊÇ | Ó°Ïì¹æÄ£ | |
¹¥»÷ÖØÆ¯ºó | µÍ | ¿ÉÓÃÐÔ | ¸ß |
Óû§½»»¥ | ÎÞ | ËùÐèȨÏÞ | ÎÞ |
PoC/EXP | ÔÚҰʹÓà | ·ñ |
0x01 Îó²îÏêÇé
Trend Micro? ServerProtectÊÇÇ÷ÊÆ¿Æ¼¼µÄÒ»¿îÆóÒµ¼¶·´²¡¶¾³ÌÐò¡£¡£¡£
2021Äê9ÔÂ24ÈÕ£¬£¬£¬£¬£¬£¬£¬ Ç÷ÊÆ¿Æ¼¼Ðû²¼Ç徲ͨ¸æ£¬£¬£¬£¬£¬£¬£¬ÐÞ¸´ÁËServerProtect£¨·À¶¾Ç½Ð§ÀÍÆ÷°æ£©ÖеÄÒ»¸öÉí·ÝÑéÖ¤ÈÆ¹ýÎó²î£¨CVE-2021-36745£©£¬£¬£¬£¬£¬£¬£¬ÆäCVSSv3ÆÀ·ÖΪ9.8¡£¡£¡£
¸ÃÎó²î±£´æÓÚServerProtect¿ØÖÆÌ¨ÖУ¬£¬£¬£¬£¬£¬£¬ÓÉÓÚȱ·¦Êʵ±µÄÑéÖ¤£¬£¬£¬£¬£¬£¬£¬Ô¶³Ì¹¥»÷Õß¿ÉÒÔʹÓÃËüÈÆ¹ýÊÜÓ°ÏìµÄ Trend Micro ServerProtect ×°ÖõÄÉí·ÝÑéÖ¤¡£¡£¡£
Ó°Ïì¹æÄ£
ServerProtect for Storage (SPFS) 6.0
ServerProtect for EMC Celerra (SPEMC) 5.8
ServerProtect for Network Appliance Filers (SPNAF) 5.8
ServerProtect for Microsoft Windows / Novell Netware (SPNT) 5.8
0x02 ´¦Öóͷ£½¨Òé
ÏÖÔÚ´ËÎó²îÒѾÐÞ¸´£¬£¬£¬£¬£¬£¬£¬½¨ÒéÊÜÓ°ÏìµÄÓû§ÊµÊ±Éý¼¶¸üе½ÒÔϰ汾£º
ServerProtect for Storage (SPFS) 6.0 CP1284
ServerProtect for EMC Celerra (SPEMC) 5.8 CP1577
ServerProtect for Network Appliance Filers (SPNAF) 5.8 CP1299
ServerProtect for Microsoft Windows / Novell Netware (SPNT) 5.8 CP1575
ÏÂÔØÁ´½Ó£º
https://success.trendmicro.com/solution/000289038
0x03 ²Î¿¼Á´½Ó
https://success.trendmicro.com/solution/000289038
https://www.zerodayinitiative.com/advisories/ZDI-21-1115/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-CVE-2021-36745
0x04 ¸üа汾
°æ±¾ | ÈÕÆÚ | ÐÞ¸ÄÄÚÈÝ |
V1.0 | 2021-09-28 | Ê×´ÎÐû²¼ |
0x05 Îĵµ¸½Â¼
CNVD£ºwww.cnvd.org.cn
CNNVD£ºwww.cnnvd.org.cn
CVE£ºcve.mitre.org
CVSS£ºwww.first.org
NVD£ºnvd.nist.gov
0x06 ¹ØÓÚ¼øºÚµ£±£Íø
¹Ø×¢ÒÔϹ«Öںţ¬£¬£¬£¬£¬£¬£¬»ñÈ¡¸ü¶à×ÊѶ£º