CVE-2023-32552

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One (affected versions not specified) Trend Micro Apex One as a Service (affected versions not specified)

Description The issue is related to improper access control in the web console of Trend Micro Apex One and Apex One as a Service, which could allow a remote attacker to gain unauthorized access to protected information. This can be achieved by connecting to TCP port 4343. The vulnerability may allow an unauthenticated user to disclose sensitive information on agents under certain circumstances.

Recommendations For Trend Micro Apex One, consider restricting access to the web console and TCP port 4343 until a patch is available. For Trend Micro Apex One as a Service, consider restricting access to the web console and TCP port 4343 until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.