Trendmicro: >> Apex Central >> 2019 Security Vulnerabilities
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.
Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.
This is similar to, but not identical to CVE-2023-32530.
CVSS Score
8.8
EPSS Score
0.026
Published
2023-06-26
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.
Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.
This is similar to, but not identical to CVE-2023-32529.
CVSS Score
8.8
EPSS Score
0.032
Published
2023-06-26
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32532 through 32535.
CVSS Score
6.1
EPSS Score
0.008
Published
2023-06-26
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32535.
CVSS Score
6.1
EPSS Score
0.008
Published
2023-06-26
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32535.
CVSS Score
6.1
EPSS Score
0.008
Published
2023-06-26
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32535.
CVSS Score
6.1
EPSS Score
0.008
Published
2023-06-26
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32534.
CVSS Score
6.1
EPSS Score
0.008
Published
2023-06-26
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.
This is similar to, but not identical to CVE-2023-32537.
CVSS Score
5.4
EPSS Score
0.004
Published
2023-06-26
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.
This is similar to, but not identical to CVE-2023-32536.
CVSS Score
5.4
EPSS Score
0.004
Published
2023-06-26
CVE-2022-26871
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Known exploited
CVSS Score
9.8
EPSS Score
0.086
Published
2022-03-29