Trend Micro Serverprotect For Storage vulnerabilities

CVE-2022-25330 [CRITICAL] CWE-190 CVE-2022-25330: Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.

CVE-2022-25329 [CRITICAL] CWE-798 CVE-2022-25329: Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authenticat Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.

CVE-2022-25331 [HIGH] CVE-2022-25331: Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.

CVE-2021-36745 [CRITICAL] CWE-425 CVE-2021-36745: A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, Ser A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.