Описание
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product�s management console in order to exploit this vulnerability.
Ссылки
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- US Government Resource
Уязвимые конфигурации
Одно из
Одновременно
Одно из
EPSS
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product’s management console in order to exploit this vulnerability.
Уязвимость антивирусных программных средств Trend Micro Worry-Free Business Security и Apex One, связанная с отсутствием ограничений на загрузку файлов, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
8.8 High
CVSS3
6.5 Medium
CVSS2