Product:

Apex_one

(Trendmicro)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 136
Date Id Summary Products Score Patch Annotated
2021-02-04 CVE-2021-25249 An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan, Worry\-Free_business_security 7.8
2021-02-04 CVE-2021-25248 An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan, Worry\-Free_business_security 5.5
2021-02-04 CVE-2021-25246 An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries. Apex_one, Officescan, Worry\-Free_business_security 6.5
2021-02-04 CVE-2021-25234 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file. Apex_one, Officescan, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25243 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch level information. Apex_one, Officescan, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25242 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information. Apex_one, Officescan, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25241 A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep. Apex_one, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25240 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information. Apex_one, Officescan, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25239 An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes. Apex_one, Officescan, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25237 An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents. Apex_one 5.3