Vulnerabilities > CVE-2021-25246 - Unspecified vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
References
- https://success.trendmicro.com/solution/000284202
- https://success.trendmicro.com/solution/000284202
- https://success.trendmicro.com/solution/000284205
- https://success.trendmicro.com/solution/000284205
- https://success.trendmicro.com/solution/000284206
- https://success.trendmicro.com/solution/000284206
- https://www.zerodayinitiative.com/advisories/ZDI-21-117/
- https://www.zerodayinitiative.com/advisories/ZDI-21-117/