PT-2023-5336 · Trend Micro · Apex One As A Service+1

Publicado

2023-06-26

Atualizado

2023-06-30

CVE-2023-32557

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One and Apex One as a Service (affected versions not specified)

Description The issue is related to a path traversal vulnerability. This vulnerability could allow an unauthenticated attacker to upload an arbitrary file to the Management Server, potentially leading to remote code execution with system privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

BDU:2023-05964

CVE-2023-32557

Produtos afetados

Apex One As A Service

Trend Micro Apex One

PT-2023-5336 · Trend Micro · Apex One As A Service+1

CVE-2023-32557

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5