Vulnerabilities > CVE-2021-25231 - Unspecified vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

trendmicro

NVD

Published: 2021-02-04

Updated: 2022-06-28

Summary

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file.

Vulnerable Configurations

Part	Description	Count
Application	Trendmicro Trendmicro Apex ONE 2019 Trendmicro Officescan Xg Trendmicro Worry Free Business Security 10.0	3
OS	Microsoft Microsoft Windows -	1

References

https://success.trendmicro.com/solution/000284205
https://success.trendmicro.com/solution/000284206
https://success.trendmicro.com/solution/000284202
https://www.zerodayinitiative.com/advisories/ZDI-21-106/