All the vulnerabilites related to Trend Micro - Trend Micro Apex Central
cve-2022-26871
Vulnerability from cvelistv5
Published
2022-03-29 20:45
Modified
2024-08-03 05:18
Severity ?
Summary
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:18:38.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000290678"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/jp/solution/000290660"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.jpcert.or.jp/english/at/2022/at220008.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU99107357"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex Central",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019 (on-premise), SaaS"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbitrary File Upload",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-29T20:45:20",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000290678"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/jp/solution/000290660"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.jpcert.or.jp/english/at/2022/at220008.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/vu/JVNVU99107357"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-26871",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Apex Central",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019 (on-premise), SaaS"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Arbitrary File Upload"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000290678",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000290678"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/000290660",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/jp/solution/000290660"
            },
            {
              "name": "https://www.jpcert.or.jp/english/at/2022/at220008.html",
              "refsource": "MISC",
              "url": "https://www.jpcert.or.jp/english/at/2022/at220008.html"
            },
            {
              "name": "https://jvn.jp/vu/JVNVU99107357",
              "refsource": "MISC",
              "url": "https://jvn.jp/vu/JVNVU99107357"
            },
            {
              "name": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435",
              "refsource": "MISC",
              "url": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-26871",
    "datePublished": "2022-03-29T20:45:20",
    "dateReserved": "2022-03-10T00:00:00",
    "dateUpdated": "2024-08-03T05:18:38.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-19692
Vulnerability from cvelistv5
Published
2019-12-20 04:05
Modified
2024-08-05 02:25
Severity ?
Summary
Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000159569"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex Central",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "XSS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-20T04:05:21",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000159569"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2019-19692",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Apex Central",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "XSS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000159569",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000159569"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2019-19692",
    "datePublished": "2019-12-20T04:05:22",
    "dateReserved": "2019-12-09T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.156Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}