Vulnerabilities > Trendmicro > Apex ONE
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-18 | CVE-2020-8598 | Improper Input Validation vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. | 10.0 |
2020-03-18 | CVE-2020-8470 | Improper Input Validation vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. | 9.4 |
2020-03-18 | CVE-2020-8468 | Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. | 6.5 |
2020-03-18 | CVE-2020-8467 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). | 6.5 |
2019-12-20 | CVE-2019-19692 | Cross-site Scripting vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. | 4.3 |
2019-12-20 | CVE-2019-19691 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. | 4.0 |
2019-10-28 | CVE-2019-18189 | Path Traversal vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. | 10.0 |
2019-10-28 | CVE-2019-18188 | Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). | 5.0 |
2019-04-05 | CVE-2019-9489 | Path Traversal vulnerability in Trendmicro products A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. | 5.0 |