Skip to main content

Serverprotect For Storage

4 CVEs product

Monthly

CVE-2022-25331 HIGH POC PATCH This Week

Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Trend Micro Serverprotect Serverprotect For Network Appliance Filer Serverprotect For Storage
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2022-25330 CRITICAL POC PATCH Act Now

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Trend Micro Serverprotect Serverprotect For Network Appliance Filer +1
NVD
CVSS 3.1
9.8
EPSS
4.9%
CVE-2022-25329 CRITICAL PATCH Act Now

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Trend Micro Serverprotect Serverprotect For Network Appliance Filer Serverprotect For Storage
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-25252 MEDIUM PATCH This Month

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Apex Central Apex One Cloud Edge +16
NVD
CVSS 3.1
5.5
EPSS
0.6%
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Trend Micro Serverprotect +2
NVD
EPSS 5% CVSS 9.8
CRITICAL POC PATCH Act Now

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Trend Micro +3
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Trend Micro Serverprotect +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Apex Central +18
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy