Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Worry\-Free_business_security
(Trendmicro)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 57 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-24 | CVE-2022-24678 | An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations. | Apex_one, Worry\-Free_business_security, Worry\-Free_business_security_services | 7.5 | ||
| 2022-02-24 | CVE-2022-24680 | A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the... | Apex_one, Worry\-Free_business_security, Worry\-Free_business_security_services | 7.8 | ||
| 2022-02-24 | CVE-2022-24679 | A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit... | Apex_one, Worry\-Free_business_security, Worry\-Free_business_security_services | 7.8 | ||
| 2022-07-30 | CVE-2022-36336 | A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue. | Apex_one, Worry\-Free_business_security, Worry\-Free_business_security_services | 7.8 | ||
| 2008-08-27 | CVE-2008-2433 | The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." | Client_server_messaging_suite, Officescan, Worry\-Free_business_security | 9.8 | ||
| 2019-04-05 | CVE-2019-9489 | A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. | Apex_one, Apex_one_as_a_service, Business_security, Officescan, Worry\-Free_business_security | 7.5 | ||
| 2018-02-16 | CVE-2018-6218 | A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. | Deep_security, Endpoint_sensor, Officescan, Security, Worry\-Free_business_security | 7.0 | ||
| 2016-06-19 | CVE-2016-1224 | CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors. | Worry\-Free_business_security, Worry\-Free_business_security_services | 6.1 | ||
| 2016-06-19 | CVE-2016-1223 | Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors. | Officescan, Worry\-Free_business_security, Worry\-Free_business_security_services | 5.3 | ||
| 2019-10-28 | CVE-2019-18189 | A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication. | Apex_one, Officescan, Worry\-Free_business_security | N/A |