An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database.
References
Link | Resource |
---|---|
https://success.trendmicro.com/solution/000284205 | Patch Vendor Advisory |
https://success.trendmicro.com/solution/000284202 | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-107/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-02-04 12:15
Updated : 2021-02-05 10:02
NVD link : CVE-2021-25232
Mitre link : CVE-2021-25232
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
trendmicro
- officescan
- apex_one
microsoft
- windows