Vulnerabilities > Trendmicro > Serverprotect FOR Storage

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-25329 Use of Hard-coded Credentials vulnerability in Trendmicro products
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console.
network
low complexity
trendmicro CWE-798
critical
9.8
2022-02-24 CVE-2022-25330 Integer Overflow or Wraparound vulnerability in Trendmicro products
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
network
low complexity
trendmicro CWE-190
critical
9.8
2022-02-24 CVE-2022-25331 Unspecified vulnerability in Trendmicro products
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
network
low complexity
trendmicro
7.5
2021-03-03 CVE-2021-25252 Resource Exhaustion vulnerability in Trendmicro products
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
local
low complexity
trendmicro CWE-400
5.5