Shodan
Vulnerabilities
Vulnerable Software
Trendmicro:  >> Apex One  >> 2019  Security Vulnerabilities
CVE-2021-25237
An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-02-04
CVE-2021-25239
An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-02-04
CVE-2021-25240
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-02-04
CVE-2020-28576
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
CVSS Score
5.3
EPSS Score
0.008
Published
2020-12-01
CVE-2020-28577
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01
CVE-2020-28582
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01
CVE-2020-28583
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01
CVE-2020-28573
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01
CVE-2020-28572
A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-11-18
CVE-2020-24565
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit these vulnerabilities. The subs affected in this vulnerability makes it unique compared to similar CVEs such as CVE-2020-24564 and CVE-2020-25770.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-09-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved