CVE-2023-32604

Summary

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.

Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.

This is similar to, but not identical to CVE-2023-32605.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Apex Central2019 (8.0) < 8.0.0.6394affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References