CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-25329

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://success.trendmicro.com/solution/000290507
https://www.tenable.com/security/research/tra-2022-05
https://success.trendmicro.com/solution/000290507
https://www.tenable.com/security/research/tra-2022-05

Products affected by CVE-2022-25329

Trendmicro » Serverprotect » Version: 5.8

cpe:2.3:a:trendmicro:serverprotect:5.8
Trendmicro » Serverprotect For Network Appliance Filer » Version: 5.8

cpe:2.3:a:trendmicro:serverprotect_for_network_appliance_filer:5.8
Trendmicro » Serverprotect For Storage » Version: 6.0

cpe:2.3:a:trendmicro:serverprotect_for_storage:6.0
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-25329

Products

Pricing

Contact Us