CVE-2023-32531

Summary

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.

This is similar to, but not identical to CVE-2023-32532 through 32535.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Apex Central2019 (8.0) < 8.0.0.6394affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References