Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with update servers.
Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.