Vulnerabilities > Trendmicro > Apex ONE > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-03-18 CVE-2020-8468 Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components.
network
low complexity
trendmicro CWE-74
6.5
2020-03-18 CVE-2020-8467 Unspecified vulnerability in Trendmicro Apex ONE and Officescan
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE).
network
low complexity
trendmicro
6.5
2019-12-20 CVE-2019-19692 Cross-site Scripting vulnerability in Trendmicro Apex ONE 2019
Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console.
network
trendmicro CWE-79
4.3
2019-12-20 CVE-2019-19691 Unspecified vulnerability in Trendmicro Apex ONE and Officescan
A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools.
network
low complexity
trendmicro
4.0
2019-10-28 CVE-2019-18188 Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Apex ONE 2019
Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE).
network
low complexity
trendmicro CWE-434
5.0
2019-04-05 CVE-2019-9489 Path Traversal vulnerability in Trendmicro products
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.
network
low complexity
trendmicro CWE-22
5.0