Lucene search
TrendmicroCVE-2023-25143HistoryMar 10, 2023 - 9:15 p.m.
CVE-2023-25143
2023-03-1021:15:14
CWE-427
trendmicro
web.nvd.nist.gov
28
vulnerability
trend micro
apex one server
remote code execution
attacker
nvd
cve-2023-25143
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.004
Percentile
74.4%
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.
Affected configurations
Node
trendmicroapex_oneRange<14.0.11960saas
ORtrendmicroapex_oneMatch2019-
microsoftwindowsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trendmicro | apex_one | * | cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:*:*:* |
| trendmicro | apex_one | 2019 | cpe:2.3:a:trendmicro:apex_one:2019:-:*:*:*:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Trend Micro, Inc.",
"product": "Trend Micro Apex One",
"versions": [
{
"version": "2019 (14.0)",
"status": "affected",
"versionType": "semver",
"lessThan": "14.0.0.11564"
}
]
}
]Related
prion
prion
Path traversal
2023-03-10 21:15:00
cvelist
cvelist
CVE-2023-25143
2023-03-07 22:19:14
nvd
nvd
CVE-2023-25143
2023-03-10 21:15:14
nessus
nessus
Trend Micro Apex One Multiple Vulnerabilities (000292209)
2023-03-22 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.004
Percentile
74.4%
Related for CVE-2023-25143