Trend Micro Inc Trend Micro Apex Central vulnerabilities
34 known vulnerabilities affecting trend_micro_inc/trend_micro_apex_central.
Total CVEs
34
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH11MEDIUM18
Vulnerabilities
Page 2 of 2
CVE-2023-52326MEDIUMCVSS 6.1≥ 2019, < 8.0.0.65702024-01-23
CVE-2023-52326 [MEDIUM] CWE-79 CVE-2023-52326: Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scri
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
Please note this vulnerability is similar, but not identical to CVE-2023-52327.
cvelistv5nvd
CVE-2023-52330MEDIUMCVSS 6.1≥ 2019, < 8.0.0.65702024-01-23
CVE-2023-52330 [MEDIUM] CWE-79 CVE-2023-52330: A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to ex
A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central.
Please note: user interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
cvelistv5nvd
CVE-2023-38624MEDIUMCVSS 5.4≥ 2019, < 8.0.0.64812024-01-23
CVE-2023-38624 [MEDIUM] CWE-918 CVE-2023-38624: A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 20
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability
cvelistv5nvd
CVE-2023-32529HIGHCVSS 8.8≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32529 [HIGH] CWE-89 CVE-2023-32529: Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allo
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.
Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.
This is similar to, but not identical t
cvelistv5nvd
CVE-2023-32530HIGHCVSS 8.8≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32530 [HIGH] CVE-2023-32530: Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection t
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.
Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilitie
cvelistv5
CVE-2023-32536MEDIUMCVSS 5.4≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32536 [MEDIUM] CWE-79 CVE-2023-32536: Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated re
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.
This is similar to
cvelistv5nvd
CVE-2023-32534MEDIUMCVSS 6.1≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32534 [MEDIUM] CVE-2023-32534: Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32535.
cvelistv5
CVE-2023-32537MEDIUMCVSS 5.4≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32537 [MEDIUM] CVE-2023-32537: Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
Please note: an attacker must first obtain authentication to Apex Central on the target system in order to explo
cvelistv5
CVE-2023-32533MEDIUMCVSS 6.1≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32533 [MEDIUM] CVE-2023-32533: Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32535.
cvelistv5
CVE-2023-32605MEDIUMCVSS 5.4≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32605 [MEDIUM] CVE-2023-32605: Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
Please note: an attacker must first obtain authentication to Apex Central on the target system in order to explo
cvelistv5
CVE-2023-32535MEDIUMCVSS 6.1≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32535 [MEDIUM] CVE-2023-32535: Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32534.
cvelistv5
CVE-2023-32532MEDIUMCVSS 6.1≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32532 [MEDIUM] CVE-2023-32532: Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32531 through 32535.
cvelistv5
CVE-2023-32531MEDIUMCVSS 6.1≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32531 [MEDIUM] CWE-79 CVE-2023-32531: Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scri
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.
This is similar to, but not identical to CVE-2023-32532 through 32535.
cvelistv5nvd
CVE-2023-32604MEDIUMCVSS 5.4≥ 2019 (8.0), < 8.0.0.63942023-06-26
CVE-2023-32604 [MEDIUM] CWE-79 CVE-2023-32604: Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated re
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.
This is similar to
cvelistv5nvd
← Previous2 / 2