Описание
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- MitigationPatchVendor Advisory
- MitigationPatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- MitigationPatchVendor Advisory
- MitigationPatchVendor Advisory
- Third Party AdvisoryVDB Entry
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:*:*:*
cpe:2.3:a:trendmicro:apex_one:-:*:*:*:*:saas:*:*
EPSS
Процентиль: 94%
0.13592
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-345
CWE-345
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
CVSS3: 8.6
fstec
почти 4 года назад
Уязвимость средства мониторинга и управления безопасностью Trend Micro Apex Central связана с неограниченной загрузкой файлов опасного типа, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 94%
0.13592
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-345
CWE-345