Vulnerabilities > CVE-2021-25235 - Unspecified vulnerability in Trendmicro Apex ONE and Officescan

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

trendmicro

NVD

Published: 2021-02-04

Updated: 2022-06-28

Summary

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file.

Vulnerable Configurations

Part	Description	Count
Application	Trendmicro Trendmicro Apex ONE 2019 Trendmicro Officescan Xg	2
OS	Microsoft Microsoft Windows -	1

References

https://www.zerodayinitiative.com/advisories/ZDI-21-110/
https://success.trendmicro.com/solution/000284205
https://success.trendmicro.com/solution/000284202