CERTFR-2021-AVI-159
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les produits Trend Micro. Elle permet à un attaquant de provoquer un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Trend Micro | N/A | Worry-Free Business Security version antérieures à 10.1 SP1 Patch 2274 (pour Windows) | ||
| Trend Micro | N/A | InterScan Messaging Security Virtual Appliance version antérieures à 9.1 CP2034 | ||
| Trend Micro | N/A | ServerProtect for EMC Celerra version antérieures à 5.8 CP1573 EMC Celerra | ||
| Trend Micro | N/A | OfficeScan version antérieures à XG SP1 CP6040 (pour Windows) | ||
| Trend Micro | N/A | ServerProtect for Windows/Netware version antérieures à 5.8 CP1571 | ||
| Trend Micro | N/A | Control Manager version antérieures à 7.0 CP 3215 (pour Windows) | ||
| Trend Micro | N/A | ScanMail for IBM Domino version antérieures à 5.8 CP1083 (pour Windows et Linux) | ||
| Trend Micro | N/A | InterScan Web Security Virtual Appliance version antérieures à 6.5 CP1926 | ||
| Trend Micro | N/A | Deep Discovery Analyzer version antérieures à 5.1+ correctif via ActiveUpdate | ||
| Trend Micro | N/A | ServerProtect for Network Appliance Filers version antérieures à 5.8 CP1295 NetApp | ||
| Trend Micro | N/A | Deep Security version antérieures à DS 20.0 LTS (correctif du 18 janvier 2021) | ||
| Trend Micro | Deep Discovery Inspector | Deep Discovery Inspector version antérieures à 3.8+ correctif via ActiveUpdate | ||
| Trend Micro | N/A | ServerProtect for Storage version antérieures à 6.0 CP1274 (pour Windows) | ||
| Trend Micro | N/A | Deep Security version antérieures à DS 12.0 U15 | ||
| Trend Micro | N/A | Deep Security version antérieures à DS 11.0 U25 | ||
| Trend Micro | N/A | Safe Lock TXOne Edition version antérieures à 1.1 CP1042 (pour Windows) | ||
| Trend Micro | N/A | PortalProtect version antérieures à 2.6 CP1045 (pour Windows) | ||
| Trend Micro | N/A | Deep Discovery Email Inspector version antérieures à 2.5+ correctif via ActiveUpdate | ||
| Trend Micro | N/A | Cloud Edge version antérieures à 5.0+ correctif via ActiveUpdate | ||
| Trend Micro | N/A | Deep Security version antérieures à DS 10.0 U29 | ||
| Trend Micro | Apex One | Apex One version antérieures à 2019 CP9167 (On Premise) SaaS (B2101) (pour Windows et macOS) | ||
| Trend Micro | N/A | ScanMail for Exchange version antérieures à 14.0 CP3083 (pour Windows) | ||
| Trend Micro | N/A | ServerProtect for Linux version antérieures à 3.0 CP1649 | ||
| Trend Micro | N/A | Apex Central version antérieures à 2019 CP5534 SaaS (pour Windows) |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Worry-Free Business Security version ant\u00e9rieures \u00e0 10.1 SP1 Patch 2274 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "InterScan Messaging Security Virtual Appliance version ant\u00e9rieures \u00e0 9.1 CP2034",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ServerProtect for EMC Celerra version ant\u00e9rieures \u00e0 5.8 CP1573 EMC Celerra",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "OfficeScan version ant\u00e9rieures \u00e0 XG SP1 CP6040 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ServerProtect for Windows/Netware version ant\u00e9rieures \u00e0 5.8 CP1571",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Control Manager version ant\u00e9rieures \u00e0 7.0 CP 3215 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ScanMail for IBM Domino version ant\u00e9rieures \u00e0 5.8 CP1083 (pour Windows et Linux)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "InterScan Web Security Virtual Appliance version ant\u00e9rieures \u00e0 6.5 CP1926",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Discovery Analyzer version ant\u00e9rieures \u00e0 5.1+ correctif via ActiveUpdate",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ServerProtect for Network Appliance Filers version ant\u00e9rieures \u00e0 5.8 CP1295 NetApp",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Security version ant\u00e9rieures \u00e0 DS 20.0 LTS (correctif du 18 janvier 2021)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Discovery Inspector version ant\u00e9rieures \u00e0 3.8+ correctif via ActiveUpdate",
"product": {
"name": "Deep Discovery Inspector",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ServerProtect for Storage version ant\u00e9rieures \u00e0 6.0 CP1274 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Security version ant\u00e9rieures \u00e0 DS 12.0 U15",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Security version ant\u00e9rieures \u00e0 DS 11.0 U25",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Safe Lock TXOne Edition version ant\u00e9rieures \u00e0 1.1 CP1042 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "PortalProtect version ant\u00e9rieures \u00e0 2.6 CP1045 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Discovery Email Inspector version ant\u00e9rieures \u00e0 2.5+ correctif via ActiveUpdate",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Cloud Edge version ant\u00e9rieures \u00e0 5.0+ correctif via ActiveUpdate",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Deep Security version ant\u00e9rieures \u00e0 DS 10.0 U29",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Apex One version ant\u00e9rieures \u00e0 2019 CP9167 (On Premise) SaaS (B2101) (pour Windows et macOS)",
"product": {
"name": "Apex One",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ScanMail for Exchange version ant\u00e9rieures \u00e0 14.0 CP3083 (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "ServerProtect for Linux version ant\u00e9rieures \u00e0 3.0 CP1649",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
},
{
"description": "Apex Central version ant\u00e9rieures \u00e0 2019 CP5534 SaaS (pour Windows)",
"product": {
"name": "N/A",
"vendor": {
"name": "Trend Micro",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-25252",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25252"
}
],
"initial_release_date": "2021-03-03T00:00:00",
"last_revision_date": "2021-03-03T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-159",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-03-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Trend Micro. Elle\npermet \u00e0 un attaquant de provoquer un d\u00e9ni de service.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Trend Micro",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000285675 du 02 mars 2021",
"url": "https://success.trendmicro.com/solution/000285675"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…