CVE-2019-18189

Summary

A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro Apex One, Trend Micro OfficeScan (OSCE), Trend Micro Worry-Free Business Security (WFBS)Apex One (All), OSCE (11.0, XG), WFBS (9.5, 10.0)affected

Weaknesses

  • Root Login Bypass with Directory Traversal

ADP Enrichment

CVE Program Container

Additional References

References