Vulnerability Details CVE-2019-18189
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2019-18189
-
cpe:2.3:a:trendmicro:apex_one:-
-
cpe:2.3:a:trendmicro:apex_one:14.0
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.12980
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.12994
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13122
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13131
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13140
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13984
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.14002
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.14081
-
cpe:2.3:a:trendmicro:apex_one:14.0.10349
-
cpe:2.3:a:trendmicro:apex_one:14.0.11789
-
cpe:2.3:a:trendmicro:apex_one:14.0.11960
-
cpe:2.3:a:trendmicro:apex_one:14.0.12105
-
cpe:2.3:a:trendmicro:apex_one:14.0.12518
-
cpe:2.3:a:trendmicro:apex_one:14.0.12737
-
cpe:2.3:a:trendmicro:apex_one:14.0.12849
-
cpe:2.3:a:trendmicro:apex_one:14.0.13139
-
cpe:2.3:a:trendmicro:apex_one:14.0.14203
-
cpe:2.3:a:trendmicro:apex_one:14.0.14492
-
cpe:2.3:a:trendmicro:apex_one:2019
-
cpe:2.3:a:trendmicro:officescan:11.0
-
cpe:2.3:a:trendmicro:officescan:xg
-
cpe:2.3:a:trendmicro:worry-free_business_security:10.0
-
cpe:2.3:a:trendmicro:worry-free_business_security:9.5