CVE-2024-48904

Summary

An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances.

Please note: authentication is not required in order to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Cloud Edge5.6SP2, 7.0 < 5.6.3228, 7.0.1081affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References