CVE-2021-25228

2021-02-0419:36:38

trendmicro

www.cve.org

improper access control

trend micro

apex one

officescan xg

worry-free business security

unauthenticated user

hotfix history

AI Score

5.5

Confidence

High

EPSS

0.004

Percentile

72.8%

JSON

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history.

CNA Affected

[
  {
    "product": "Trend Micro Apex One",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "2019, SaaS"
      }
    ]
  },
  {
    "product": "Trend Micro OfficeScan",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "XG SP1"
      }
    ]
  },
  {
    "product": "Trend Micro Worry-Free Business Security",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "10.0 SP1"
      }
    ]
  }
]