Описание
An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Ссылки
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.0.13139 (исключая)
Одно из
cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:windows:*:*
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:on-premises:windows:*:*
EPSS
Процентиль: 89%
0.05029
Низкий
7.5 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.5
github
больше 1 года назад
An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
EPSS
Процентиль: 89%
0.05029
Низкий
7.5 High
CVSS3
Дефекты
CWE-89