Vulnerabilities > Trendmicro > Serverprotect

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-25329 Use of Hard-coded Credentials vulnerability in Trendmicro products
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console.
network
low complexity
trendmicro CWE-798
critical
9.8
2022-02-24 CVE-2022-25330 Integer Overflow or Wraparound vulnerability in Trendmicro products
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
network
low complexity
trendmicro CWE-190
critical
9.8
2022-02-24 CVE-2022-25331 Unspecified vulnerability in Trendmicro products
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
network
low complexity
trendmicro
7.5
2021-09-29 CVE-2021-36745 Forced Browsing vulnerability in Trendmicro Serverprotect 5.8/6.0
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.
network
low complexity
trendmicro CWE-425
critical
9.8
2021-03-03 CVE-2021-25252 Resource Exhaustion vulnerability in Trendmicro products
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
local
low complexity
trendmicro CWE-400
5.5
2021-01-27 CVE-2021-25226 Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product.
local
low complexity
trendmicro CWE-400
5.5
2021-01-27 CVE-2021-25225 Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product.
local
low complexity
trendmicro CWE-400
5.5
2021-01-27 CVE-2021-25224 Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product.
local
low complexity
trendmicro CWE-400
5.5
2020-12-01 CVE-2020-28575 Out-of-bounds Write vulnerability in Trendmicro Serverprotect 3.0
A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-787
6.7
2020-09-15 CVE-2020-24561 Command Injection vulnerability in Trendmicro Serverprotect 3.0
A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system.
network
low complexity
trendmicro CWE-77
critical
9.1