Skip to main content

Vulnerability Protection

5 CVEs product

Monthly

CVE-2020-8602 HIGH PATCH This Week

A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Trend Micro Deep Security Manager Vulnerability Protection
NVD
CVSS 3.1
7.2
EPSS
4.2%
CVE-2020-15605 HIGH PATCH This Week

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Trend Micro Authentication Bypass Deep Security Manager Vulnerability Protection
NVD
CVSS 3.1
8.1
EPSS
2.8%
CVE-2020-15601 HIGH PATCH This Week

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Trend Micro Authentication Bypass Deep Security Manager Vulnerability Protection
NVD
CVSS 3.1
8.1
EPSS
2.8%
CVE-2020-8601 HIGH This Week

Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Vulnerability Protection
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-9488 MEDIUM PATCH This Month

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Trend Micro Deep Security Manager Vulnerability Protection
NVD
CVSS 3.1
4.9
EPSS
1.2%
EPSS 4% CVSS 7.2
HIGH PATCH This Week

A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Trend Micro Deep Security Manager +1
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Trend Micro Authentication Bypass Deep Security Manager +1
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Trend Micro Authentication Bypass Deep Security Manager +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Vulnerability Protection
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Trend Micro Deep Security Manager +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy