Trendmicro Serverprotect For Storage vulnerabilities
4 known vulnerabilities affecting trendmicro/serverprotect_for_storage.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-25329CRITICALCVSS 9.8v6.02022-02-24
CVE-2022-25329 [CRITICAL] CWE-798 CVE-2022-25329: Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authenticat
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.
nvd
CVE-2022-25330CRITICALCVSS 9.8v6.02022-02-24
CVE-2022-25330 [CRITICAL] CWE-190 CVE-2022-25330: Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
nvd
CVE-2022-25331HIGHCVSS 7.5v6.02022-02-24
CVE-2022-25331 [HIGH] CVE-2022-25331: Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
nvd
CVE-2021-25252MEDIUMCVSS 5.5v6.02021-03-03
CVE-2021-25252 [MEDIUM] CWE-400 CVE-2021-25252: Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a me
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
nvd