cpe:/a:trendmicro:deep_security_manager:10.0:- cpe:/a:trendmicro:deep_security_manager:10.0:u1 cpe:/a:trendmicro:deep_security_manager:10.0:u10 cpe:/a:trendmicro:deep_security_manager:10.0:u11 cpe:/a:trendmicro:deep_security_manager:10.0:u12 cpe:/a:trendmicro:deep_security_manager:10.0:u13 cpe:/a:trendmicro:deep_security_manager:10.0:u14 cpe:/a:trendmicro:deep_security_manager:10.0:u15 cpe:/a:trendmicro:deep_security_manager:10.0:u16 cpe:/a:trendmicro:deep_security_manager:10.0:u17 cpe:/a:trendmicro:deep_security_manager:10.0:u18 cpe:/a:trendmicro:deep_security_manager:10.0:u19 cpe:/a:trendmicro:deep_security_manager:10.0:u2 cpe:/a:trendmicro:deep_security_manager:10.0:u3 cpe:/a:trendmicro:deep_security_manager:10.0:u4 cpe:/a:trendmicro:deep_security_manager:10.0:u5 cpe:/a:trendmicro:deep_security_manager:10.0:u6 cpe:/a:trendmicro:deep_security_manager:10.0:u7 cpe:/a:trendmicro:deep_security_manager:10.0:u8 cpe:/a:trendmicro:deep_security_manager:10.0:u9 cpe:/a:trendmicro:deep_security_manager:11.0:- cpe:/a:trendmicro:deep_security_manager:11.0:u1 cpe:/a:trendmicro:deep_security_manager:11.0:u2 cpe:/a:trendmicro:deep_security_manager:11.0:u3 cpe:/a:trendmicro:deep_security_manager:11.0:u4 cpe:/a:trendmicro:deep_security_manager:11.0:u5 cpe:/a:trendmicro:deep_security_manager:11.0:u6 cpe:/a:trendmicro:deep_security_manager:11.0:u7 cpe:/a:trendmicro:deep_security_manager:11.3:- cpe:/a:trendmicro:vulnerability_protection:2.0:- CVE-2019-9488 2019-09-11T14:15:10.817-04:00 2019-09-13T17:11:22.063-04:00 4.0 NETWORK LOW SINGLE_INSTANCE PARTIAL NONE NONE http://nvd.nist.gov 2019-09-13T13:11:30.463-04:00 N/A N/A Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM).