Search

Find a vulnerability

Search criteria

    17 vulnerabilities found for Apex One by Trend Micro, Inc.

    JVNDB-2025-009150

    Vulnerability from jvndb - Published: 2025-07-17 17:03 - Updated:2025-07-17 17:03

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-009150.html",
      "dc:date": "2025-07-17T17:03+09:00",
      "dcterms:issued": "2025-07-17T17:03+09:00",
      "dcterms:modified": "2025-07-17T17:03+09:00",
      "description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-009150.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_central",
          "@product": "Apex Central",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
          "@product": "Apex One as a Service",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2025-009150",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU96526886/",
          "@id": "JVNVU#96526886",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49154",
          "@id": "CVE-2025-49154",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49155",
          "@id": "CVE-2025-49155",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49156",
          "@id": "CVE-2025-49156",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49157",
          "@id": "CVE-2025-49157",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49158",
          "@id": "CVE-2025-49158",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49219",
          "@id": "CVE-2025-49219",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49220",
          "@id": "CVE-2025-49220",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49487",
          "@id": "CVE-2025-49487",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-53378",
          "@id": "CVE-2025-53378",
          "@source": "CVE"
        }
      ],
      "title": "Security updates for Trend Micro products (June 2025)"
    }

    JVNDB-2024-015393

    Vulnerability from jvndb - Published: 2024-12-23 12:52 - Updated:2024-12-23 12:52
    Summary
    Multiple security updates for Trend Micro Apex One and Apex One as a Service (December 2024)
    Details
    Trend Micro Apex One and Apex One as a Service contain multiple vulnerabilities. Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-015393.html",
      "dc:date": "2024-12-23T12:52+09:00",
      "dcterms:issued": "2024-12-23T12:52+09:00",
      "dcterms:modified": "2024-12-23T12:52+09:00",
      "description": "Trend Micro Apex One and Apex One as a Service contain multiple vulnerabilities.\r\n\r\nTrend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-015393.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
          "@product": "Apex One as a Service",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2024-015393",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU95720792/index.html",
          "@id": "JVNVU#95720792",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-52048",
          "@id": "CVE-2024-52048",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-52049",
          "@id": "CVE-2024-52049",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-52050",
          "@id": "CVE-2024-52050",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-55631",
          "@id": "CVE-2024-55631",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-55632",
          "@id": "CVE-2024-55632",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-55917",
          "@id": "CVE-2024-55917",
          "@source": "CVE"
        }
      ],
      "title": "Multiple security updates for Trend Micro Apex One and Apex One as a Service (December 2024)"
    }

    JVNDB-2024-003645

    Vulnerability from jvndb - Published: 2024-06-20 14:59 - Updated:2024-06-20 14:59

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
      "dc:date": "2024-06-20T14:59+09:00",
      "dcterms:issued": "2024-06-20T14:59+09:00",
      "dcterms:modified": "2024-06-20T14:59+09:00",
      "description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003645.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
          "@product": "Apex One as a Service",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:deep_security_agent",
          "@product": "Deep Security Agent",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:interscan_web_security_virtual_appliance",
          "@product": "TrendMicro InterScan Web Security Virtual Appliance",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2024-003645",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU99027428/index.html",
          "@id": "JVNVU#99027428",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36302",
          "@id": "CVE-2024-36302",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36303",
          "@id": "CVE-2024-36303",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36304",
          "@id": "CVE-2024-36304",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36305",
          "@id": "CVE-2024-36305",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36306",
          "@id": "CVE-2024-36306",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36307",
          "@id": "CVE-2024-36307",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-37289",
          "@id": "CVE-2024-37289",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36358",
          "@id": "CVE-2024-36358",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2024-36359",
          "@id": "CVE-2024-36359",
          "@source": "CVE"
        }
      ],
      "title": "Multiple vulnerabilities in multiple Trend Micro products"
    }

    JVNDB-2023-006199

    Vulnerability from jvndb - Published: 2023-11-13 17:28 - Updated:2024-03-13 17:28
    Severity
    Summary
    Multiple security updates for Trend Micro Apex One and Apex One as a Service (November 2023)
    Details
    Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-006199.html",
      "dc:date": "2024-03-13T17:28+09:00",
      "dcterms:issued": "2023-11-13T17:28+09:00",
      "dcterms:modified": "2024-03-13T17:28+09:00",
      "description": "Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-006199.html",
      "sec:cpe": {
        "#text": "cpe:/a:trendmicro:apex_one",
        "@product": "Apex One",
        "@vendor": "Trend Micro, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2023-006199",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU98040889/index.html",
          "@id": "JVNVU#98040889",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47192",
          "@id": "CVE-2023-47192",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47193",
          "@id": "CVE-2023-47193",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47194",
          "@id": "CVE-2023-47194",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47195",
          "@id": "CVE-2023-47195",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47196",
          "@id": "CVE-2023-47196",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47197",
          "@id": "CVE-2023-47197",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47198",
          "@id": "CVE-2023-47198",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47199",
          "@id": "CVE-2023-47199",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47200",
          "@id": "CVE-2023-47200",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47201",
          "@id": "CVE-2023-47201",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-47202",
          "@id": "CVE-2023-47202",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47192",
          "@id": "CVE-2023-47192",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47193",
          "@id": "CVE-2023-47193",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47194",
          "@id": "CVE-2023-47194",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47195",
          "@id": "CVE-2023-47195",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47196",
          "@id": "CVE-2023-47196",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47197",
          "@id": "CVE-2023-47197",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47198",
          "@id": "CVE-2023-47198",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47199",
          "@id": "CVE-2023-47199",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47200",
          "@id": "CVE-2023-47200",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47201",
          "@id": "CVE-2023-47201",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-47202",
          "@id": "CVE-2023-47202",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "Multiple security updates for Trend Micro Apex One and Apex One as a Service (November 2023)"
    }

    JVNDB-2023-003721

    Vulnerability from jvndb - Published: 2023-09-20 13:58 - Updated:2024-05-09 18:22
    Severity
    Summary
    Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution
    Details
    Trend Micro Endpoint security products for enterprises provided by Trend Micro Incorporated contain an arbitrary code execution vulnerability (CWE-94, CVE-2023-41179) in 3rd Party AV Uninstaller Module. Trend Micro Incorporated states that an attack exploiting this vulnerability has been observed. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-003721.html",
      "dc:date": "2024-05-09T18:22+09:00",
      "dcterms:issued": "2023-09-20T13:58+09:00",
      "dcterms:modified": "2024-05-09T18:22+09:00",
      "description": "Trend Micro Endpoint security products for enterprises provided by Trend Micro Incorporated contain an arbitrary code execution vulnerability (CWE-94, CVE-2023-41179) in 3rd Party AV Uninstaller Module.\r\n\r\nTrend Micro Incorporated states that an attack exploiting this vulnerability has been observed.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-003721.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "9.1",
        "@severity": "Critical",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2023-003721",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU90967486/index.html",
          "@id": "JVNVU#90967486",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-41179",
          "@id": "CVE-2023-41179",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-41179",
          "@id": "CVE-2023-41179",
          "@source": "NVD"
        },
        {
          "#text": "https://www.jpcert.or.jp/english/at/2023/at230021.html",
          "@id": "JPCERT-AT-2023-0021",
          "@source": "JPCERT"
        },
        {
          "#text": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "@id": "CVE-2023-41179",
          "@source": "CISA Known Exploited Vulnerabilities Catalog"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-94",
          "@title": "Code Injection(CWE-94)"
        }
      ],
      "title": "Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution"
    }

    JVNDB-2023-002100

    Vulnerability from jvndb - Published: 2023-06-14 14:47 - Updated:2024-05-23 15:23
    Severity
    Summary
    Security updates for multiple Trend Micro products for enterprises (June 2023)
    Details
    Trend Micro Incorporated has released security updates for multiple Trend Micro products for enterprises. For more details, refer to the information provided by the developer. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    References
    JVN https://jvn.jp/en/vu/JVNVU91852506/
    JVN https://jvn.jp/en/vu/JVNVU93384719/index.html
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32521
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32522
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32523
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32524
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32525
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32526
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32527
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32528
    CVE https://www.cve.org/CVERecord?id=CVE-2023-30902
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32552
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32553
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32554
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32555
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32556
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32557
    CVE https://www.cve.org/CVERecord?id=CVE-2023-34144
    CVE https://www.cve.org/CVERecord?id=CVE-2023-34145
    CVE https://www.cve.org/CVERecord?id=CVE-2023-34146
    CVE https://www.cve.org/CVERecord?id=CVE-2023-34147
    CVE https://www.cve.org/CVERecord?id=CVE-2023-34148
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32529
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32530
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32531
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32532
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32533
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32534
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32535
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32536
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32537
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32604
    CVE https://www.cve.org/CVERecord?id=CVE-2023-32605
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-30902
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32521
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32522
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32523
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32524
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32525
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32526
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32527
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32528
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32552
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32553
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32554
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32555
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32556
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32557
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34144
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34145
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34146
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34147
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32529
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32530
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32531
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32532
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32533
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32534
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32535
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32536
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32537
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32604
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-32605
    NVD https://nvd.nist.gov/vuln/detail/CVE-2023-34148
    Path Traversal(CWE-22) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    Improper Authentication(CWE-287) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    No Mapping(CWE-noinfo) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367) https://cwe.mitre.org/data/definitions/367.html
    Link Following(CWE-59) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    Untrusted Search Path(CWE-426) https://cwe.mitre.org/data/definitions/426.html
    Improper Privilege Management(CWE-269) https://cwe.mitre.org/data/definitions/269.html
    SQL Injection(CWE-89) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    Cross-site Scripting(CWE-79) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    No Mapping(CWE-Other) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002100.html",
      "dc:date": "2024-05-23T15:23+09:00",
      "dcterms:issued": "2023-06-14T14:47+09:00",
      "dcterms:modified": "2024-05-23T15:23+09:00",
      "description": "Trend Micro Incorporated has released security updates for multiple Trend Micro products for enterprises. For more details, refer to the information provided by the developer.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002100.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_central",
          "@product": "Apex Central",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:mobile_security",
          "@product": "Trend Micro Mobile Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "9.8",
        "@severity": "Critical",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2023-002100",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU91852506/",
          "@id": "JVNVU#91852506",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/vu/JVNVU93384719/index.html",
          "@id": "JVNVU#93384719",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32521",
          "@id": "CVE-2023-32521",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32522",
          "@id": "CVE-2023-32522",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32523",
          "@id": "CVE-2023-32523",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32524",
          "@id": "CVE-2023-32524",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32525",
          "@id": "CVE-2023-32525",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32526",
          "@id": "CVE-2023-32526",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32527",
          "@id": "CVE-2023-32527",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32528",
          "@id": "CVE-2023-32528",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-30902",
          "@id": "CVE-2023-30902",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32552",
          "@id": "CVE-2023-32552",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32553",
          "@id": "CVE-2023-32553",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32554",
          "@id": "CVE-2023-32554",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32555",
          "@id": "CVE-2023-32555",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32556",
          "@id": "CVE-2023-32556",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32557",
          "@id": "CVE-2023-32557",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34144",
          "@id": "CVE-2023-34144",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34145",
          "@id": "CVE-2023-34145",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34146",
          "@id": "CVE-2023-34146",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34147",
          "@id": "CVE-2023-34147",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-34148",
          "@id": "CVE-2023-34148",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32529",
          "@id": "CVE-2023-32529",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32530",
          "@id": "CVE-2023-32530",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32531",
          "@id": "CVE-2023-32531",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32532",
          "@id": "CVE-2023-32532",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32533",
          "@id": "CVE-2023-32533",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32534",
          "@id": "CVE-2023-32534",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32535",
          "@id": "CVE-2023-32535",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32536",
          "@id": "CVE-2023-32536",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32537",
          "@id": "CVE-2023-32537",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32604",
          "@id": "CVE-2023-32604",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-32605",
          "@id": "CVE-2023-32605",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-30902",
          "@id": "CVE-2023-30902",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32521",
          "@id": "CVE-2023-32521",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32522",
          "@id": "CVE-2023-32522",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32523",
          "@id": "CVE-2023-32523",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32524",
          "@id": "CVE-2023-32524",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32525",
          "@id": "CVE-2023-32525",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32526",
          "@id": "CVE-2023-32526",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32527",
          "@id": "CVE-2023-32527",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32528",
          "@id": "CVE-2023-32528",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32552",
          "@id": "CVE-2023-32552",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32553",
          "@id": "CVE-2023-32553",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32554",
          "@id": "CVE-2023-32554",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32555",
          "@id": "CVE-2023-32555",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32556",
          "@id": "CVE-2023-32556",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32557",
          "@id": "CVE-2023-32557",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34144",
          "@id": "CVE-2023-34144",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34145",
          "@id": "CVE-2023-34145",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34146",
          "@id": "CVE-2023-34146",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34147",
          "@id": "CVE-2023-34147",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32529",
          "@id": "CVE-2023-32529",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32530",
          "@id": "CVE-2023-32530",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32531",
          "@id": "CVE-2023-32531",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32532",
          "@id": "CVE-2023-32532",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32533",
          "@id": "CVE-2023-32533",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32534",
          "@id": "CVE-2023-32534",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32535",
          "@id": "CVE-2023-32535",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32536",
          "@id": "CVE-2023-32536",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32537",
          "@id": "CVE-2023-32537",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32604",
          "@id": "CVE-2023-32604",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-32605",
          "@id": "CVE-2023-32605",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34148",
          "@id": "CVE-2023-34148",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-287",
          "@title": "Improper Authentication(CWE-287)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/367.html",
          "@id": "CWE-367",
          "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-59",
          "@title": "Link Following(CWE-59)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/426.html",
          "@id": "CWE-426",
          "@title": "Untrusted Search Path(CWE-426)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/269.html",
          "@id": "CWE-269",
          "@title": "Improper Privilege Management(CWE-269)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-89",
          "@title": "SQL Injection(CWE-89)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Security updates for multiple Trend Micro products for enterprises (June 2023)"
    }

    JVNDB-2023-001292

    Vulnerability from jvndb - Published: 2023-03-02 17:33 - Updated:2024-06-07 16:59
    Severity
    Summary
    Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
    Details
    Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001292.html",
      "dc:date": "2024-06-07T16:59+09:00",
      "dcterms:issued": "2023-03-02T17:33+09:00",
      "dcterms:modified": "2024-06-07T16:59+09:00",
      "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001292.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
          "@product": "Apex One as a Service",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "9.8",
        "@severity": "Critical",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2023-001292",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU96221942/index.html",
          "@id": "JVNVU#96221942",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-0587",
          "@id": "CVE-2023-0587",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25143",
          "@id": "CVE-2023-25143",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25144",
          "@id": "CVE-2023-25144",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25145",
          "@id": "CVE-2023-25145",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25146",
          "@id": "CVE-2023-25146",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25147",
          "@id": "CVE-2023-25147",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25148",
          "@id": "CVE-2023-25148",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-0587",
          "@id": "CVE-2023-0587",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25143",
          "@id": "CVE-2023-25143",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25144",
          "@id": "CVE-2023-25144",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25145",
          "@id": "CVE-2023-25145",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25146",
          "@id": "CVE-2023-25146",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25147",
          "@id": "CVE-2023-25147",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25148",
          "@id": "CVE-2023-25148",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/434.html",
          "@id": "CWE-434",
          "@title": "Unrestricted Upload of File with Dangerous Type(CWE-434)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/427.html",
          "@id": "CWE-427",
          "@title": "Uncontrolled Search Path Element(CWE-427)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-59",
          "@title": "Link Following(CWE-59)"
        }
      ],
      "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
    }

    JVNDB-2022-002836

    Vulnerability from jvndb - Published: 2022-12-26 16:21 - Updated:2024-05-30 17:47
    Severity
    Summary
    Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
    Details
    Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002836.html",
      "dc:date": "2024-05-30T17:47+09:00",
      "dcterms:issued": "2022-12-26T16:21+09:00",
      "dcterms:modified": "2024-05-30T17:47+09:00",
      "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002836.html",
      "sec:cpe": {
        "#text": "cpe:/a:trendmicro:apex_one",
        "@product": "Apex One",
        "@vendor": "Trend Micro, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2022-002836",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU96679793/index.html",
          "@id": "JVNVU#96679793",
          "@source": "JVN"
        },
        {
          "#text": "http://jvn.jp/en/vu/JVNVU91848962/index.html",
          "@id": "JVNVU#91848962",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-45797",
          "@id": "CVE-2022-45797",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-45798",
          "@id": "CVE-2022-45798",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45797",
          "@id": "CVE-2022-45797",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45798",
          "@id": "CVE-2022-45798",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-59",
          "@title": "Link Following(CWE-59)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
    }

    JVNDB-2022-002761

    Vulnerability from jvndb - Published: 2022-11-21 18:25 - Updated:2024-05-31 17:43
    Severity
    Summary
    Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
    Details
    Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002761.html",
      "dc:date": "2024-05-31T17:43+09:00",
      "dcterms:issued": "2022-11-21T18:25+09:00",
      "dcterms:modified": "2024-05-31T17:43+09:00",
      "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002761.html",
      "sec:cpe": {
        "#text": "cpe:/a:trendmicro:apex_one",
        "@product": "Apex One",
        "@vendor": "Trend Micro, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2022-002761",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU90082799",
          "@id": "JVNVU#90082799",
          "@source": "JVN"
        },
        {
          "#text": "http://jvn.jp/en/vu/JVNVU91848962/index.html",
          "@id": "JVNVU#91848962",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44647",
          "@id": "CVE-2022-44647",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44648",
          "@id": "CVE-2022-44648",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44649",
          "@id": "CVE-2022-44649",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44650",
          "@id": "CVE-2022-44650",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44651",
          "@id": "CVE-2022-44651",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44652",
          "@id": "CVE-2022-44652",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44653",
          "@id": "CVE-2022-44653",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-44654",
          "@id": "CVE-2022-44654",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44647",
          "@id": "CVE-2022-44647",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44648",
          "@id": "CVE-2022-44648",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44649",
          "@id": "CVE-2022-44649",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44650",
          "@id": "CVE-2022-44650",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44651",
          "@id": "CVE-2022-44651",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44652",
          "@id": "CVE-2022-44652",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44653",
          "@id": "CVE-2022-44653",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-44654",
          "@id": "CVE-2022-44654",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/125.html",
          "@id": "CWE-125",
          "@title": "Out-of-bounds Read(CWE-125)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/787.html",
          "@id": "CWE-787",
          "@title": "Out-of-bounds Write(CWE-787)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/367.html",
          "@id": "CWE-367",
          "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/755.html",
          "@id": "CWE-755",
          "@title": "Improper Handling of Exceptional Conditions(CWE-755)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
    }

    JVNDB-2022-002544

    Vulnerability from jvndb - Published: 2022-10-20 16:18 - Updated:2024-06-13 13:58
    Severity
    Summary
    Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
    Details
    Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002544.html",
      "dc:date": "2024-06-13T13:58+09:00",
      "dcterms:issued": "2022-10-20T16:18+09:00",
      "dcterms:modified": "2024-06-13T13:58+09:00",
      "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002544.html",
      "sec:cpe": {
        "#text": "cpe:/a:trendmicro:apex_one",
        "@product": "Apex One",
        "@vendor": "Trend Micro, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "9.1",
        "@severity": "Critical",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2022-002544",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU97131578/index.html",
          "@id": "JVNVU#97131578",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41744",
          "@id": "CVE-2022-41744",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41745",
          "@id": "CVE-2022-41745",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41746",
          "@id": "CVE-2022-41746",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41747",
          "@id": "CVE-2022-41747",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41748",
          "@id": "CVE-2022-41748",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-41749",
          "@id": "CVE-2022-41749",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41744",
          "@id": "CVE-2022-41744",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41745",
          "@id": "CVE-2022-41745",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41746",
          "@id": "CVE-2022-41746",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41747",
          "@id": "CVE-2022-41747",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41748",
          "@id": "CVE-2022-41748",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41749",
          "@id": "CVE-2022-41749",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/367.html",
          "@id": "CWE-367",
          "@title": "Time-of-check Time-of-use (TOCTOU) Race Condition(CWE-367)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/125.html",
          "@id": "CWE-125",
          "@title": "Out-of-bounds Read(CWE-125)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/425.html",
          "@id": "CWE-425",
          "@title": "Direct Request (\u0027Forced Browsing\u0027)(CWE-425)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/295.html",
          "@id": "CWE-295",
          "@title": "Improper Certificate Validation(CWE-295)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/276.html",
          "@id": "CWE-276",
          "@title": "Incorrect Default Permissions(CWE-276)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/346.html",
          "@id": "CWE-346",
          "@title": "Origin Validation Error(CWE-346)"
        }
      ],
      "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
    }

    JVNDB-2022-000071

    Vulnerability from jvndb - Published: 2022-09-14 18:15 - Updated:2024-06-13 11:34
    Severity
    Summary
    Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service
    Details
    Trend Micro Apex One and Trend Micro Apex One as a Service provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Improper validation in some components of the rollback mechanism (CWE-20) - CVE-2022-40139 * Improper access control (CWE-284) - CVE-2022-40140 * Information exposure (CWE-200) - CVE-2022-40141 * Improper link resolution before file access (CWE-59) - CVE-2022-40142 * Improper link resolution before file access (CWE-59) - CVE-2022-40143 * Improper authentication (CWE-287) - CVE-2022-40144 Trend Micro Incorporated states that attacks exploiting CVE-2022-40139 have been observed. CVE-2022-40139, CVE-2022-40140, CVE-2022-40141, CVE-2022-40142, CVE-2022-40143 Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. CVE-2022-40144 Akinori Takeuchi of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000071.html",
      "dc:date": "2024-06-13T11:34+09:00",
      "dcterms:issued": "2022-09-14T18:15+09:00",
      "dcterms:modified": "2024-06-13T11:34+09:00",
      "description": "Trend Micro Apex One and Trend Micro Apex One as a Service provided by Trend Micro Incorporated contain multiple vulnerabilities listed below.\r\n\r\n  * Improper validation in some components of the rollback mechanism (CWE-20) - CVE-2022-40139\r\n  * Improper access control (CWE-284) - CVE-2022-40140\r\n  * Information exposure (CWE-200) - CVE-2022-40141\r\n  * Improper link resolution before file access (CWE-59) - CVE-2022-40142\r\n  * Improper link resolution before file access (CWE-59) - CVE-2022-40143\r\n  * Improper authentication (CWE-287) - CVE-2022-40144\r\n\r\nTrend Micro Incorporated states that attacks exploiting CVE-2022-40139 have been observed.\r\n\r\nCVE-2022-40139, CVE-2022-40140, CVE-2022-40141, CVE-2022-40142, CVE-2022-40143\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.\r\n\r\nCVE-2022-40144\r\nAkinori Takeuchi of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000071.html",
      "sec:cpe": {
        "#text": "cpe:/a:trendmicro:apex_one",
        "@product": "Apex One",
        "@vendor": "Trend Micro, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2022-000071",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN36454862/index.html",
          "@id": "JVN#36454862",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40139",
          "@id": "CVE-2022-40139",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40140",
          "@id": "CVE-2022-40140",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40141",
          "@id": "CVE-2022-40141",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40142",
          "@id": "CVE-2022-40142",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40143",
          "@id": "CVE-2022-40143",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-40144",
          "@id": "CVE-2022-40144",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40139",
          "@id": "CVE-2022-40139",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40140",
          "@id": "CVE-2022-40140",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40141",
          "@id": "CVE-2022-40141",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40142",
          "@id": "CVE-2022-40142",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40143",
          "@id": "CVE-2022-40143",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-40144",
          "@id": "CVE-2022-40144",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/security/ciadr/vul/20220913-jvn.html",
          "@id": "JVN#36454862",
          "@source": "IPA SECURITY ALERTS"
        },
        {
          "#text": "https://www.jpcert.or.jp/english/at/2022/at220023.html",
          "@id": "JPCERT-AT-2022-0023",
          "@source": "JPCERT"
        },
        {
          "#text": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "@id": "CVE-2022-40139",
          "@source": "CISA Known Exploited Vulnerabilities Catalog"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-20",
          "@title": "Improper Input Validation(CWE-20)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-200",
          "@title": "Information Exposure(CWE-200)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-287",
          "@title": "Improper Authentication(CWE-287)"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-59",
          "@title": "Link Following(CWE-59)"
        }
      ],
      "title": "Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service"
    }

    JVNDB-2022-002265

    Vulnerability from jvndb - Published: 2022-08-18 15:45 - Updated:2024-06-14 17:11
    Severity
    Summary
    Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation
    Details
    Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002265.html",
      "dc:date": "2024-06-14T17:11+09:00",
      "dcterms:issued": "2022-08-18T15:45+09:00",
      "dcterms:modified": "2024-06-14T17:11+09:00",
      "description": "Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002265.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2022-002265",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU96643038/index.html",
          "@id": "JVNVU#96643038",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36336",
          "@id": "CVE-2022-36336",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36336",
          "@id": "CVE-2022-36336",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-59",
          "@title": "Link Following(CWE-59)"
        }
      ],
      "title": "Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation"
    }

    JVNDB-2022-001948

    Vulnerability from jvndb - Published: 2022-06-03 12:17 - Updated:2024-06-18 16:30
    Severity
    Summary
    Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
    Details
    Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001948.html",
      "dc:date": "2024-06-18T16:30+09:00",
      "dcterms:issued": "2022-06-03T12:17+09:00",
      "dcterms:modified": "2024-06-18T16:30+09:00",
      "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001948.html",
      "sec:cpe": {
        "#text": "cpe:/a:trendmicro:apex_one",
        "@product": "Apex One",
        "@vendor": "Trend Micro, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "7.2",
          "@severity": "High",
          "@type": "Base",
          "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2022-001948",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU90675050/index.html",
          "@id": "JVNVU#90675050",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-30700",
          "@id": "CVE-2022-30700",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2022-30701",
          "@id": "CVE-2022-30701",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-30700",
          "@id": "CVE-2022-30700",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-30701",
          "@id": "CVE-2022-30701",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/732.html",
          "@id": "CWE-732",
          "@title": "Incorrect Permission Assignment for Critical Resource(CWE-732)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/427.html",
          "@id": "CWE-427",
          "@title": "Uncontrolled Search Path Element(CWE-427)"
        }
      ],
      "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
    }

    JVNDB-2022-001380

    Vulnerability from jvndb - Published: 2022-03-02 17:07 - Updated:2022-03-02 17:07
    Summary
    Multiples security updates for Trend Micro Endpoint security products for enterprises (March 2022)
    Details
    Trend Micro Incorporated has released multiple security updates for Trend Micro Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001380.html",
      "dc:date": "2022-03-02T17:07+09:00",
      "dcterms:issued": "2022-03-02T17:07+09:00",
      "dcterms:modified": "2022-03-02T17:07+09:00",
      "description": "Trend Micro Incorporated has released multiple security updates for Trend Micro Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001380.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2022-001380",
      "sec:references": {
        "#text": "https://jvn.jp/en/vu/JVNVU96994445/index.html",
        "@id": "JVNVU#96994445",
        "@source": "JVN"
      },
      "title": "Multiples security updates for Trend Micro Endpoint security products for enterprises (March 2022)"
    }

    JVNDB-2021-003385

    Vulnerability from jvndb - Published: 2021-10-26 12:35 - Updated:2021-10-26 12:35
    Summary
    Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation
    Details
    Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
    References
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-003385.html",
      "dc:date": "2021-10-26T12:35+09:00",
      "dcterms:issued": "2021-10-26T12:35+09:00",
      "dcterms:modified": "2021-10-26T12:35+09:00",
      "description": "Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-003385.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
          "@product": "Apex One as a Service",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:worry_free_business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2021-003385",
      "sec:references": {
        "#text": "https://jvn.jp/en/vu/JVNVU92842857/",
        "@id": "JVNVU#92842857",
        "@source": "JVN"
      },
      "title": "Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation"
    }

    JVNDB-2021-002279

    Vulnerability from jvndb - Published: 2021-08-19 15:01 - Updated:2021-08-19 15:01
    Summary
    Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises
    Details
    Trend Micro Incorporated has released a security update for multiple Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
    References
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002279.html",
      "dc:date": "2021-08-19T15:01+09:00",
      "dcterms:issued": "2021-08-19T15:01+09:00",
      "dcterms:modified": "2021-08-19T15:01+09:00",
      "description": "Trend Micro Incorporated has released a security update for multiple Endpoint security products for enterprises.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002279.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:identifier": "JVNDB-2021-002279",
      "sec:references": {
        "#text": "https://jvn.jp/en/vu/JVNVU90091573/",
        "@id": "JVNVU#90091573",
        "@source": "JVN"
      },
      "title": "Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises"
    }

    JVNDB-2021-002077

    Vulnerability from jvndb - Published: 2021-08-04 11:15 - Updated:2021-08-04 11:15
    Severity
    Summary
    Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises
    Details
    Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Incorrect Permission Assignment (CWE-732) - CVE-2021-32464 * Improper Preservation of Permissions (CWE-281) - CVE-2021-32465 * Improper Input Validation (CWE-20) - CVE-2021-36741 * Improper Input Validation (CWE-20) - CVE-2021-36742 Trend Micro Incorporated states that attacks against CVE-2021-36741 and CVE-2021-36742 have been observed. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002077.html",
      "dc:date": "2021-08-04T11:15+09:00",
      "dcterms:issued": "2021-08-04T11:15+09:00",
      "dcterms:modified": "2021-08-04T11:15+09:00",
      "description": "Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below.\r\n\r\n* Incorrect Permission Assignment (CWE-732) - CVE-2021-32464\r\n* Improper Preservation of Permissions (CWE-281) - CVE-2021-32465\r\n* Improper Input Validation (CWE-20) - CVE-2021-36741\r\n* Improper Input Validation (CWE-20) - CVE-2021-36742\r\n\r\nTrend Micro Incorporated states that attacks against CVE-2021-36741 and CVE-2021-36742 have been observed.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
      "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002077.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:trendmicro:apex_one",
          "@product": "Apex One",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security",
          "@product": "Worry-Free Business Security",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:trendmicro:business_security_services",
          "@product": "Worry-Free Business Security Services",
          "@vendor": "Trend Micro, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "7.2",
          "@severity": "High",
          "@type": "Base",
          "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2021-002077",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/vu/JVNVU93876919/index.html",
          "@id": "JVNVU#93876919",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32464",
          "@id": "CVE-2021-32464",
          "@source": "CVE"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32465",
          "@id": "CVE-2021-32465",
          "@source": "CVE"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36741",
          "@id": "CVE-2021-36741",
          "@source": "CVE"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36742",
          "@id": "CVE-2021-36742",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32464",
          "@id": "CVE-2021-32464",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32465",
          "@id": "CVE-2021-32465",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-36742",
          "@id": "CVE-2021-36742",
          "@source": "NVD"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-36741",
          "@id": "CVE-2021-36741",
          "@source": "NVD"
        },
        {
          "#text": "https://www.jpcert.or.jp/at/2021/at210033.html",
          "@id": "JPCERT-AT-2021-0033",
          "@source": "JPCERT"
        },
        {
          "#text": "https://cisa.gov/known-exploited-vulnerabilities-catalog",
          "@id": "CVE-2021-36741, CVE-2021-36742",
          "@source": "CISA Known Exploited Vulnerabilities Catalog"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-20",
          "@title": "Improper Input Validation(CWE-20)"
        },
        {
          "#text": "http://cwe.mitre.org/data/definitions/281.html",
          "@id": "CWE-281",
          "@title": "Improper Preservation of Permissions(CWE-281)"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/732.html",
          "@id": "CWE-732",
          "@title": "Incorrect Permission Assignment for Critical Resource(CWE-732)"
        }
      ],
      "title": "Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises"
    }