CVE-2022-24678

Опубликовано: 24 фев. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations.

Ссылки

https://success.trendmicro.com/solution/000290464
Patch
Vendor Advisory
https://success.trendmicro.com/solution/000290486
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-372/
Third Party Advisory
VDB Entry
https://success.trendmicro.com/solution/000290464
Patch
Vendor Advisory
https://success.trendmicro.com/solution/000290486
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-372/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*

cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*

cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*

cpe:2.3:a:trendmicro:worry-free_business_security_services:-:*:*:*:saas:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00861

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-p42c-v7q9-397h

github

почти 4 года назад