Trend Micro Apex One

CPE Details

Trend Micro Apex One
trendmicro
apex_one
-
2021-03-18
17h21 +00:00
2021-06-01
12h33 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:trendmicro:apex_one:-:-:*:*:*:*:*:*

Informations

Vendor

trendmicro

Product

apex_one

Version

-

Update

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-0587 2023-01-31 23h00 +00:00 A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \PCCSRV\TEMP\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed.
9.1
Critique
CVE-2021-25252 2021-03-03 14h43 +00:00 Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
5.5
Moyen
CVE-2019-18189 2019-10-28 18h28 +00:00 A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.
9.8
Critique
CVE-2019-9489 2019-04-05 20h46 +00:00 A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.
7.5
Haute