Find a vulnerability

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-014079.html",
  "dc:date": "2024-12-06T12:11+09:00",
  "dcterms:issued": "2024-12-06T12:11+09:00",
  "dcterms:modified": "2024-12-06T12:11+09:00",
  "description": "Trend Micro Incorporated has released the security updates for Deep Security Agent (for Windows) and Deep Security Notifier on DSVA (for Windows VM) to fix an OS command injection vulnerability (CWE-78, CVE-2024-48903).\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-014079.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:deep_security_agent",
      "@product": "Deep Security Agent",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:deep_security_notifier",
      "@product": "Deep Security Notifier",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2024-014079",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU93693807/index.html",
      "@id": "JVNVU#93693807",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-26871",
      "@id": "CVE-2024-51503",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-78",
      "@title": "OS Command Injection(CWE-78)"
    }
  ],
  "title": "Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection"
}