Vulnerabilities > Trendmicro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2021-25237 | Information Exposure vulnerability in Trendmicro Apex ONE 2019 An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents. | 5.0 |
| 2021-02-04 | CVE-2021-25236 | Server-Side Request Forgery (SSRF) vulnerability in Trendmicro Officescan and Worry-Free Business Security A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a specific sweep. | 5.0 |
| 2021-02-04 | CVE-2021-25235 | Information Exposure vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file. | 5.0 |
| 2021-02-04 | CVE-2021-25234 | Information Exposure vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file. | 5.0 |
| 2021-02-04 | CVE-2021-25233 | Information Exposure vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific configuration download file. | 5.0 |
| 2021-02-04 | CVE-2021-25232 | Information Exposure vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database. | 5.0 |
| 2021-02-04 | CVE-2021-25231 | Information Exposure vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file. | 5.0 |
| 2021-02-04 | CVE-2021-25230 | Information Exposure vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file. | 5.0 |
| 2021-02-04 | CVE-2021-25229 | Incorrect Authorization vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server. | 5.0 |
| 2021-02-04 | CVE-2021-25228 | Incorrect Authorization vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history. | 5.0 |