All the vulnerabilites related to Trend Micro, Inc. - Apex One
jvndb-2022-001948
Vulnerability from jvndb
Published
2022-06-03 12:17
Modified
2024-06-18 16:30
Severity ?
Summary
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Details
Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001948.html",
  "dc:date": "2024-06-18T16:30+09:00",
  "dcterms:issued": "2022-06-03T12:17+09:00",
  "dcterms:modified": "2024-06-18T16:30+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001948.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "7.2",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
      "@version": "2.0"
    },
    {
      "@score": "7.8",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2022-001948",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU90675050/index.html",
      "@id": "JVNVU#90675050",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-30700",
      "@id": "CVE-2022-30700",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-30701",
      "@id": "CVE-2022-30701",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-30700",
      "@id": "CVE-2022-30700",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-30701",
      "@id": "CVE-2022-30701",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/732.html",
      "@id": "CWE-732",
      "@title": "Incorrect Permission Assignment for Critical Resource(CWE-732)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

jvndb-2021-002279
Vulnerability from jvndb
Published
2021-08-19 15:01
Modified
2021-08-19 15:01
Summary
Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises
Details
Trend Micro Incorporated has released a security update for multiple Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
References
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002279.html",
  "dc:date": "2021-08-19T15:01+09:00",
  "dcterms:issued": "2021-08-19T15:01+09:00",
  "dcterms:modified": "2021-08-19T15:01+09:00",
  "description": "Trend Micro Incorporated has released a security update for multiple Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002279.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2021-002279",
  "sec:references": {
    "#text": "https://jvn.jp/en/vu/JVNVU90091573/",
    "@id": "JVNVU#90091573",
    "@source": "JVN"
  },
  "title": "Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises"
}

jvndb-2021-003385
Vulnerability from jvndb
Published
2021-10-26 12:35
Modified
2021-10-26 12:35
Summary
Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation
Details
Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
References
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-003385.html",
  "dc:date": "2021-10-26T12:35+09:00",
  "dcterms:issued": "2021-10-26T12:35+09:00",
  "dcterms:modified": "2021-10-26T12:35+09:00",
  "description": "Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-003385.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
      "@product": "Apex One as a Service",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:worry_free_business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2021-003385",
  "sec:references": {
    "#text": "https://jvn.jp/en/vu/JVNVU92842857/",
    "@id": "JVNVU#92842857",
    "@source": "JVN"
  },
  "title": "Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation"
}

jvndb-2022-001380
Vulnerability from jvndb
Published
2022-03-02 17:07
Modified
2022-03-02 17:07
Summary
Multiples security updates for Trend Micro Endpoint security products for enterprises (March 2022)
Details
Trend Micro Incorporated has released multiple security updates for Trend Micro Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001380.html",
  "dc:date": "2022-03-02T17:07+09:00",
  "dcterms:issued": "2022-03-02T17:07+09:00",
  "dcterms:modified": "2022-03-02T17:07+09:00",
  "description": "Trend Micro Incorporated has released multiple security updates for Trend Micro Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001380.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2022-001380",
  "sec:references": {
    "#text": "https://jvn.jp/en/vu/JVNVU96994445/index.html",
    "@id": "JVNVU#96994445",
    "@source": "JVN"
  },
  "title": "Multiples security updates for Trend Micro Endpoint security products for enterprises (March 2022)"
}

jvndb-2023-002100
Vulnerability from jvndb
Published
2023-06-14 14:47
Modified
2024-05-23 15:23
Severity ?
Summary
Security updates for multiple Trend Micro products for enterprises (June 2023)
Details
Trend Micro Incorporated has released security updates for multiple Trend Micro products for enterprises. For more details, refer to the information provided by the developer. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
JVN https://jvn.jp/en/vu/JVNVU91852506/
JVN https://jvn.jp/en/vu/JVNVU93384719/index.html
CVE https://www.cve.org/CVERecord?id=CVE-2023-32521
CVE https://www.cve.org/CVERecord?id=CVE-2023-32522
CVE https://www.cve.org/CVERecord?id=CVE-2023-32523
CVE https://www.cve.org/CVERecord?id=CVE-2023-32524
CVE https://www.cve.org/CVERecord?id=CVE-2023-32525
CVE https://www.cve.org/CVERecord?id=CVE-2023-32526
CVE https://www.cve.org/CVERecord?id=CVE-2023-32527
CVE https://www.cve.org/CVERecord?id=CVE-2023-32528
CVE https://www.cve.org/CVERecord?id=CVE-2023-30902
CVE https://www.cve.org/CVERecord?id=CVE-2023-32552
CVE https://www.cve.org/CVERecord?id=CVE-2023-32553
CVE https://www.cve.org/CVERecord?id=CVE-2023-32554
CVE https://www.cve.org/CVERecord?id=CVE-2023-32555
CVE https://www.cve.org/CVERecord?id=CVE-2023-32556
CVE https://www.cve.org/CVERecord?id=CVE-2023-32557
CVE https://www.cve.org/CVERecord?id=CVE-2023-34144
CVE https://www.cve.org/CVERecord?id=CVE-2023-34145
CVE https://www.cve.org/CVERecord?id=CVE-2023-34146
CVE https://www.cve.org/CVERecord?id=CVE-2023-34147
CVE https://www.cve.org/CVERecord?id=CVE-2023-34148
CVE https://www.cve.org/CVERecord?id=CVE-2023-32529
CVE https://www.cve.org/CVERecord?id=CVE-2023-32530
CVE https://www.cve.org/CVERecord?id=CVE-2023-32531
CVE https://www.cve.org/CVERecord?id=CVE-2023-32532
CVE https://www.cve.org/CVERecord?id=CVE-2023-32533
CVE https://www.cve.org/CVERecord?id=CVE-2023-32534
CVE https://www.cve.org/CVERecord?id=CVE-2023-32535
CVE https://www.cve.org/CVERecord?id=CVE-2023-32536
CVE https://www.cve.org/CVERecord?id=CVE-2023-32537
CVE https://www.cve.org/CVERecord?id=CVE-2023-32604
CVE https://www.cve.org/CVERecord?id=CVE-2023-32605
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-30902
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32521
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32522
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32523
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32524
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32525
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32526
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32527
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32528
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32552
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32553
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32554
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32555
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32556
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32557
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34144
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34145
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34146
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34147
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32529
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32530
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32531
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32532
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32533
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32534
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32535
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32536
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32537
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32604
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32605
NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34148
Path Traversal(CWE-22) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Improper Authentication(CWE-287) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367) https://cwe.mitre.org/data/definitions/367.html
Link Following(CWE-59) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Untrusted Search Path(CWE-426) https://cwe.mitre.org/data/definitions/426.html
Improper Privilege Management(CWE-269) https://cwe.mitre.org/data/definitions/269.html
SQL Injection(CWE-89) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Cross-site Scripting(CWE-79) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
No Mapping(CWE-Other) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002100.html",
  "dc:date": "2024-05-23T15:23+09:00",
  "dcterms:issued": "2023-06-14T14:47+09:00",
  "dcterms:modified": "2024-05-23T15:23+09:00",
  "description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products for enterprises. For more details, refer to the information provided by the developer.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002100.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_central",
      "@product": "Apex Central",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:mobile_security",
      "@product": "Trend Micro Mobile Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "9.8",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-002100",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU91852506/",
      "@id": "JVNVU#91852506",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/vu/JVNVU93384719/index.html",
      "@id": "JVNVU#93384719",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32521",
      "@id": "CVE-2023-32521",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32522",
      "@id": "CVE-2023-32522",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32523",
      "@id": "CVE-2023-32523",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32524",
      "@id": "CVE-2023-32524",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32525",
      "@id": "CVE-2023-32525",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32526",
      "@id": "CVE-2023-32526",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32527",
      "@id": "CVE-2023-32527",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32528",
      "@id": "CVE-2023-32528",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-30902",
      "@id": "CVE-2023-30902",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32552",
      "@id": "CVE-2023-32552",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32553",
      "@id": "CVE-2023-32553",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32554",
      "@id": "CVE-2023-32554",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32555",
      "@id": "CVE-2023-32555",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32556",
      "@id": "CVE-2023-32556",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32557",
      "@id": "CVE-2023-32557",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34144",
      "@id": "CVE-2023-34144",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34145",
      "@id": "CVE-2023-34145",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34146",
      "@id": "CVE-2023-34146",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34147",
      "@id": "CVE-2023-34147",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34148",
      "@id": "CVE-2023-34148",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32529",
      "@id": "CVE-2023-32529",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32530",
      "@id": "CVE-2023-32530",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32531",
      "@id": "CVE-2023-32531",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32532",
      "@id": "CVE-2023-32532",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32533",
      "@id": "CVE-2023-32533",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32534",
      "@id": "CVE-2023-32534",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32535",
      "@id": "CVE-2023-32535",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32536",
      "@id": "CVE-2023-32536",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32537",
      "@id": "CVE-2023-32537",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32604",
      "@id": "CVE-2023-32604",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32605",
      "@id": "CVE-2023-32605",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-30902",
      "@id": "CVE-2023-30902",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32521",
      "@id": "CVE-2023-32521",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32522",
      "@id": "CVE-2023-32522",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32523",
      "@id": "CVE-2023-32523",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32524",
      "@id": "CVE-2023-32524",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32525",
      "@id": "CVE-2023-32525",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32526",
      "@id": "CVE-2023-32526",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32527",
      "@id": "CVE-2023-32527",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32528",
      "@id": "CVE-2023-32528",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32552",
      "@id": "CVE-2023-32552",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32553",
      "@id": "CVE-2023-32553",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32554",
      "@id": "CVE-2023-32554",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32555",
      "@id": "CVE-2023-32555",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32556",
      "@id": "CVE-2023-32556",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32557",
      "@id": "CVE-2023-32557",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34144",
      "@id": "CVE-2023-34144",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34145",
      "@id": "CVE-2023-34145",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34146",
      "@id": "CVE-2023-34146",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34147",
      "@id": "CVE-2023-34147",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32529",
      "@id": "CVE-2023-32529",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32530",
      "@id": "CVE-2023-32530",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32531",
      "@id": "CVE-2023-32531",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32532",
      "@id": "CVE-2023-32532",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32533",
      "@id": "CVE-2023-32533",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32534",
      "@id": "CVE-2023-32534",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32535",
      "@id": "CVE-2023-32535",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32536",
      "@id": "CVE-2023-32536",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32537",
      "@id": "CVE-2023-32537",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32604",
      "@id": "CVE-2023-32604",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32605",
      "@id": "CVE-2023-32605",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34148",
      "@id": "CVE-2023-34148",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-22",
      "@title": "Path Traversal(CWE-22)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-287",
      "@title": "Improper Authentication(CWE-287)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/367.html",
      "@id": "CWE-367",
      "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/426.html",
      "@id": "CWE-426",
      "@title": "Untrusted Search Path(CWE-426)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/269.html",
      "@id": "CWE-269",
      "@title": "Improper Privilege Management(CWE-269)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-89",
      "@title": "SQL Injection(CWE-89)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Security updates for multiple Trend Micro products for enterprises (June 2023)"
}

jvndb-2022-002761
Vulnerability from jvndb
Published
2022-11-21 18:25
Modified
2024-05-31 17:43
Severity ?
Summary
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Details
Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002761.html",
  "dc:date": "2024-05-31T17:43+09:00",
  "dcterms:issued": "2022-11-21T18:25+09:00",
  "dcterms:modified": "2024-05-31T17:43+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002761.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002761",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU90082799",
      "@id": "JVNVU#90082799",
      "@source": "JVN"
    },
    {
      "#text": "http://jvn.jp/en/vu/JVNVU91848962/index.html",
      "@id": "JVNVU#91848962",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44647",
      "@id": "CVE-2022-44647",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44648",
      "@id": "CVE-2022-44648",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44649",
      "@id": "CVE-2022-44649",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44650",
      "@id": "CVE-2022-44650",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44651",
      "@id": "CVE-2022-44651",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44652",
      "@id": "CVE-2022-44652",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44653",
      "@id": "CVE-2022-44653",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44654",
      "@id": "CVE-2022-44654",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44647",
      "@id": "CVE-2022-44647",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44648",
      "@id": "CVE-2022-44648",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44649",
      "@id": "CVE-2022-44649",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44650",
      "@id": "CVE-2022-44650",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44651",
      "@id": "CVE-2022-44651",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44652",
      "@id": "CVE-2022-44652",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44653",
      "@id": "CVE-2022-44653",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44654",
      "@id": "CVE-2022-44654",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/125.html",
      "@id": "CWE-125",
      "@title": "Out-of-bounds Read(CWE-125)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/787.html",
      "@id": "CWE-787",
      "@title": "Out-of-bounds Write(CWE-787)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/367.html",
      "@id": "CWE-367",
      "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/755.html",
      "@id": "CWE-755",
      "@title": "Improper Handling of Exceptional Conditions(CWE-755)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-22",
      "@title": "Path Traversal(CWE-22)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

jvndb-2021-002077
Vulnerability from jvndb
Published
2021-08-04 11:15
Modified
2021-08-04 11:15
Severity ?
Summary
Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises
Details
Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Incorrect Permission Assignment (CWE-732) - CVE-2021-32464 * Improper Preservation of Permissions (CWE-281) - CVE-2021-32465 * Improper Input Validation (CWE-20) - CVE-2021-36741 * Improper Input Validation (CWE-20) - CVE-2021-36742 Trend Micro Incorporated states that attacks against CVE-2021-36741 and CVE-2021-36742 have been observed. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002077.html",
  "dc:date": "2021-08-04T11:15+09:00",
  "dcterms:issued": "2021-08-04T11:15+09:00",
  "dcterms:modified": "2021-08-04T11:15+09:00",
  "description": "Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below.\r\n\r\n* Incorrect Permission Assignment (CWE-732) - CVE-2021-32464\r\n* Improper Preservation of Permissions (CWE-281) - CVE-2021-32465\r\n* Improper Input Validation (CWE-20) - CVE-2021-36741\r\n* Improper Input Validation (CWE-20) - CVE-2021-36742\r\n\r\nTrend Micro Incorporated states that attacks against CVE-2021-36741 and CVE-2021-36742 have been observed.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002077.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "7.2",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
      "@version": "2.0"
    },
    {
      "@score": "7.8",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2021-002077",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU93876919/index.html",
      "@id": "JVNVU#93876919",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32464",
      "@id": "CVE-2021-32464",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32465",
      "@id": "CVE-2021-32465",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36741",
      "@id": "CVE-2021-36741",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36742",
      "@id": "CVE-2021-36742",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32464",
      "@id": "CVE-2021-32464",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32465",
      "@id": "CVE-2021-32465",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-36742",
      "@id": "CVE-2021-36742",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-36741",
      "@id": "CVE-2021-36741",
      "@source": "NVD"
    },
    {
      "#text": "https://www.jpcert.or.jp/at/2021/at210033.html",
      "@id": "JPCERT-AT-2021-0033",
      "@source": "JPCERT"
    },
    {
      "#text": "https://cisa.gov/known-exploited-vulnerabilities-catalog",
      "@id": "CVE-2021-36741, CVE-2021-36742",
      "@source": "CISA Known Exploited Vulnerabilities Catalog"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    },
    {
      "#text": "http://cwe.mitre.org/data/definitions/281.html",
      "@id": "CWE-281",
      "@title": "Improper Preservation of Permissions(CWE-281)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/732.html",
      "@id": "CWE-732",
      "@title": "Incorrect Permission Assignment for Critical Resource(CWE-732)"
    }
  ],
  "title": "Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises"
}

jvndb-2023-006199
Vulnerability from jvndb
Published
2023-11-13 17:28
Modified
2024-03-13 17:28
Severity ?
Summary
Multiple security updates for Trend Micro Apex One and Apex One as a Service (November 2023)
Details
Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-006199.html",
  "dc:date": "2024-03-13T17:28+09:00",
  "dcterms:issued": "2023-11-13T17:28+09:00",
  "dcterms:modified": "2024-03-13T17:28+09:00",
  "description": "Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-006199.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-006199",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU98040889/index.html",
      "@id": "JVNVU#98040889",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47192",
      "@id": "CVE-2023-47192",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47193",
      "@id": "CVE-2023-47193",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47194",
      "@id": "CVE-2023-47194",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47195",
      "@id": "CVE-2023-47195",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47196",
      "@id": "CVE-2023-47196",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47197",
      "@id": "CVE-2023-47197",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47198",
      "@id": "CVE-2023-47198",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47199",
      "@id": "CVE-2023-47199",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47200",
      "@id": "CVE-2023-47200",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47201",
      "@id": "CVE-2023-47201",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47202",
      "@id": "CVE-2023-47202",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47192",
      "@id": "CVE-2023-47192",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47193",
      "@id": "CVE-2023-47193",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47194",
      "@id": "CVE-2023-47194",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47195",
      "@id": "CVE-2023-47195",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47196",
      "@id": "CVE-2023-47196",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47197",
      "@id": "CVE-2023-47197",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47198",
      "@id": "CVE-2023-47198",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47199",
      "@id": "CVE-2023-47199",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47200",
      "@id": "CVE-2023-47200",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47201",
      "@id": "CVE-2023-47201",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47202",
      "@id": "CVE-2023-47202",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Multiple security updates for Trend Micro Apex One and Apex One as a Service (November 2023)"
}

jvndb-2023-001292
Vulnerability from jvndb
Published
2023-03-02 17:33
Modified
2024-06-07 16:59
Severity ?
Summary
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Details
Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001292.html",
  "dc:date": "2024-06-07T16:59+09:00",
  "dcterms:issued": "2023-03-02T17:33+09:00",
  "dcterms:modified": "2024-06-07T16:59+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001292.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "9.8",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-001292",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU96221942/index.html",
      "@id": "JVNVU#96221942",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-0587",
      "@id": "CVE-2023-0587",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25143",
      "@id": "CVE-2023-25143",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25144",
      "@id": "CVE-2023-25144",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25145",
      "@id": "CVE-2023-25145",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25146",
      "@id": "CVE-2023-25146",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25147",
      "@id": "CVE-2023-25147",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25148",
      "@id": "CVE-2023-25148",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-0587",
      "@id": "CVE-2023-0587",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25143",
      "@id": "CVE-2023-25143",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25144",
      "@id": "CVE-2023-25144",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25145",
      "@id": "CVE-2023-25145",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25146",
      "@id": "CVE-2023-25146",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25147",
      "@id": "CVE-2023-25147",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25148",
      "@id": "CVE-2023-25148",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/434.html",
      "@id": "CWE-434",
      "@title": "Unrestricted Upload of File with Dangerous Type(CWE-434)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

jvndb-2024-003645
Vulnerability from jvndb
Published
2024-06-20 14:59
Modified
2024-06-20 14:59
Summary
Multiple vulnerabilities in multiple Trend Micro products
Details
Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
  "dc:date": "2024-06-20T14:59+09:00",
  "dcterms:issued": "2024-06-20T14:59+09:00",
  "dcterms:modified": "2024-06-20T14:59+09:00",
  "description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
      "@product": "Apex One as a Service",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:deep_security_agent",
      "@product": "Deep Security Agent",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:interscan_web_security_virtual_appliance",
      "@product": "TrendMicro InterScan Web Security Virtual Appliance",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2024-003645",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU99027428/index.html",
      "@id": "JVNVU#99027428",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36302",
      "@id": "CVE-2024-36302",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36303",
      "@id": "CVE-2024-36303",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36304",
      "@id": "CVE-2024-36304",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36305",
      "@id": "CVE-2024-36305",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36306",
      "@id": "CVE-2024-36306",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36307",
      "@id": "CVE-2024-36307",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-37289",
      "@id": "CVE-2024-37289",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36358",
      "@id": "CVE-2024-36358",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36359",
      "@id": "CVE-2024-36359",
      "@source": "CVE"
    }
  ],
  "title": "Multiple vulnerabilities in multiple Trend Micro products"
}

jvndb-2022-000071
Vulnerability from jvndb
Published
2022-09-14 18:15
Modified
2024-06-13 11:34
Severity ?
Summary
Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service
Details
Trend Micro Apex One and Trend Micro Apex One as a Service provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Improper validation in some components of the rollback mechanism (CWE-20) - CVE-2022-40139 * Improper access control (CWE-284) - CVE-2022-40140 * Information exposure (CWE-200) - CVE-2022-40141 * Improper link resolution before file access (CWE-59) - CVE-2022-40142 * Improper link resolution before file access (CWE-59) - CVE-2022-40143 * Improper authentication (CWE-287) - CVE-2022-40144 Trend Micro Incorporated states that attacks exploiting CVE-2022-40139 have been observed. CVE-2022-40139, CVE-2022-40140, CVE-2022-40141, CVE-2022-40142, CVE-2022-40143 Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. CVE-2022-40144 Akinori Takeuchi of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000071.html",
  "dc:date": "2024-06-13T11:34+09:00",
  "dcterms:issued": "2022-09-14T18:15+09:00",
  "dcterms:modified": "2024-06-13T11:34+09:00",
  "description": "Trend Micro Apex One and Trend Micro Apex One as a Service provided by Trend Micro Incorporated contain multiple vulnerabilities listed below.\r\n\r\n  * Improper validation in some components of the rollback mechanism (CWE-20) - CVE-2022-40139\r\n  * Improper access control (CWE-284) - CVE-2022-40140\r\n  * Information exposure (CWE-200) - CVE-2022-40141\r\n  * Improper link resolution before file access (CWE-59) - CVE-2022-40142\r\n  * Improper link resolution before file access (CWE-59) - CVE-2022-40143\r\n  * Improper authentication (CWE-287) - CVE-2022-40144\r\n\r\nTrend Micro Incorporated states that attacks exploiting CVE-2022-40139 have been observed.\r\n\r\nCVE-2022-40139, CVE-2022-40140, CVE-2022-40141, CVE-2022-40142, CVE-2022-40143\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.\r\n\r\nCVE-2022-40144\r\nAkinori Takeuchi of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000071.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "6.8",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
      "@version": "2.0"
    },
    {
      "@score": "7.8",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2022-000071",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN36454862/index.html",
      "@id": "JVN#36454862",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40139",
      "@id": "CVE-2022-40139",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40140",
      "@id": "CVE-2022-40140",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40141",
      "@id": "CVE-2022-40141",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40142",
      "@id": "CVE-2022-40142",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40143",
      "@id": "CVE-2022-40143",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40144",
      "@id": "CVE-2022-40144",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40139",
      "@id": "CVE-2022-40139",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40140",
      "@id": "CVE-2022-40140",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40141",
      "@id": "CVE-2022-40141",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40142",
      "@id": "CVE-2022-40142",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40143",
      "@id": "CVE-2022-40143",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40144",
      "@id": "CVE-2022-40144",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/security/ciadr/vul/20220913-jvn.html",
      "@id": "JVN#36454862",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "https://www.jpcert.or.jp/english/at/2022/at220023.html",
      "@id": "JPCERT-AT-2022-0023",
      "@source": "JPCERT"
    },
    {
      "#text": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
      "@id": "CVE-2022-40139",
      "@source": "CISA Known Exploited Vulnerabilities Catalog"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-200",
      "@title": "Information Exposure(CWE-200)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-287",
      "@title": "Improper Authentication(CWE-287)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service"
}

jvndb-2022-002265
Vulnerability from jvndb
Published
2022-08-18 15:45
Modified
2024-06-14 17:11
Severity ?
Summary
Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation
Details
Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002265.html",
  "dc:date": "2024-06-14T17:11+09:00",
  "dcterms:issued": "2022-08-18T15:45+09:00",
  "dcterms:modified": "2024-06-14T17:11+09:00",
  "description": "Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002265.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002265",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU96643038/index.html",
      "@id": "JVNVU#96643038",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36336",
      "@id": "CVE-2022-36336",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36336",
      "@id": "CVE-2022-36336",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    }
  ],
  "title": "Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation"
}

jvndb-2022-002544
Vulnerability from jvndb
Published
2022-10-20 16:18
Modified
2024-06-13 13:58
Severity ?
Summary
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Details
Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002544.html",
  "dc:date": "2024-06-13T13:58+09:00",
  "dcterms:issued": "2022-10-20T16:18+09:00",
  "dcterms:modified": "2024-06-13T13:58+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002544.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "9.1",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002544",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU97131578/index.html",
      "@id": "JVNVU#97131578",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41744",
      "@id": "CVE-2022-41744",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41745",
      "@id": "CVE-2022-41745",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41746",
      "@id": "CVE-2022-41746",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41747",
      "@id": "CVE-2022-41747",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41748",
      "@id": "CVE-2022-41748",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41749",
      "@id": "CVE-2022-41749",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41744",
      "@id": "CVE-2022-41744",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41745",
      "@id": "CVE-2022-41745",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41746",
      "@id": "CVE-2022-41746",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41747",
      "@id": "CVE-2022-41747",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41748",
      "@id": "CVE-2022-41748",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41749",
      "@id": "CVE-2022-41749",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/367.html",
      "@id": "CWE-367",
      "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/125.html",
      "@id": "CWE-125",
      "@title": "Out-of-bounds Read(CWE-125)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/425.html",
      "@id": "CWE-425",
      "@title": "Direct Request (\u0027Forced Browsing\u0027)(CWE-425)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/295.html",
      "@id": "CWE-295",
      "@title": "Improper Certificate Validation(CWE-295)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/276.html",
      "@id": "CWE-276",
      "@title": "Incorrect Default Permissions(CWE-276)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/346.html",
      "@id": "CWE-346",
      "@title": "Origin Validation Error(CWE-346)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

jvndb-2023-003721
Vulnerability from jvndb
Published
2023-09-20 13:58
Modified
2024-05-09 18:22
Severity ?
Summary
Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution
Details
Trend Micro Endpoint security products for enterprises provided by Trend Micro Incorporated contain an arbitrary code execution vulnerability (CWE-94, CVE-2023-41179) in 3rd Party AV Uninstaller Module. Trend Micro Incorporated states that an attack exploiting this vulnerability has been observed. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-003721.html",
  "dc:date": "2024-05-09T18:22+09:00",
  "dcterms:issued": "2023-09-20T13:58+09:00",
  "dcterms:modified": "2024-05-09T18:22+09:00",
  "description": "Trend Micro Endpoint security products for enterprises provided by Trend Micro Incorporated contain an arbitrary code execution vulnerability (CWE-94, CVE-2023-41179) in 3rd Party AV Uninstaller Module.\r\n\r\nTrend Micro Incorporated states that an attack exploiting this vulnerability has been observed.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-003721.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "9.1",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-003721",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU90967486/index.html",
      "@id": "JVNVU#90967486",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-41179",
      "@id": "CVE-2023-41179",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-41179",
      "@id": "CVE-2023-41179",
      "@source": "NVD"
    },
    {
      "#text": "https://www.jpcert.or.jp/english/at/2023/at230021.html",
      "@id": "JPCERT-AT-2023-0021",
      "@source": "JPCERT"
    },
    {
      "#text": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
      "@id": "CVE-2023-41179",
      "@source": "CISA Known Exploited Vulnerabilities Catalog"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-94",
      "@title": "Code Injection(CWE-94)"
    }
  ],
  "title": "Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution"
}

jvndb-2022-002836
Vulnerability from jvndb
Published
2022-12-26 16:21
Modified
2024-05-30 17:47
Severity ?
Summary
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Details
Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Impacted products
Trend Micro, Inc.Apex One
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002836.html",
  "dc:date": "2024-05-30T17:47+09:00",
  "dcterms:issued": "2022-12-26T16:21+09:00",
  "dcterms:modified": "2024-05-30T17:47+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002836.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002836",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU96679793/index.html",
      "@id": "JVNVU#96679793",
      "@source": "JVN"
    },
    {
      "#text": "http://jvn.jp/en/vu/JVNVU91848962/index.html",
      "@id": "JVNVU#91848962",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-45797",
      "@id": "CVE-2022-45797",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-45798",
      "@id": "CVE-2022-45798",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45797",
      "@id": "CVE-2022-45797",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45798",
      "@id": "CVE-2022-45798",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}