CVE-2021-25246

Summary

An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro Apex One2019, SaaSaffected
Trend MicroTrend Micro OfficeScanXG SP1affected
Trend MicroTrend Micro Worry-Free Business Security10.0 SP1affected

Weaknesses

  • Improper Access Control Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References