Product:

Apex_central

(Trendmicro)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 24
Date Id Summary Products Score Patch Annotated
2024-01-23 CVE-2023-52326 Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52327. Apex_central 6.1
2024-01-23 CVE-2023-52331 A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_central 7.1
2024-01-23 CVE-2023-52329 Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52326. Apex_central 6.1
2024-01-23 CVE-2023-52325 A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In addition, an attacker must first obtain a valid set of credentials on target system in order to exploit this vulnerability. Apex_central 7.5
2024-01-23 CVE-2023-52327 Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52328. Apex_central 6.1
2024-01-23 CVE-2023-52324 An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations. Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code. Apex_central 8.8
2024-01-23 CVE-2023-52328 Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52329. Apex_central 6.1
2022-03-29 CVE-2022-26871 An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. Apex_central, Apex_one 9.8
2021-03-03 CVE-2021-25252 Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. Apex_central, Apex_one, Cloud_edge, Control_manager, Deep_discovery_analyzer, Deep_discovery_email_inspector, Deep_discovery_inspector, Deep_security, Interscan_messaging_security_virtual_appliance, Interscan_web_security_virtual_appliance, Officescan, Portal_protect, Safe_lock, Scanmail, Scanmail_for_ibm_domino, Serverprotect, Serverprotect_for_network_appliance_filers, Serverprotect_for_storage, Worry\-Free_business_security 5.5
2023-06-26 CVE-2023-32530 Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32529. Apex_central 8.8