2019

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

trendmicro

NVD

Published: 2023-06-26

Updated: 2023-06-30

Summary

An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553

Vulnerable Configurations

Part	Description	Count
Application	Trendmicro Trendmicro Apex ONE - Trendmicro Apex ONE 14.0.10349 Trendmicro Apex ONE 2019	3
OS	Microsoft Microsoft Windows -	1

References

https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US
https://www.zerodayinitiative.com/advisories/ZDI-23-655/