CVE-2020-28577 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2020-28577

CWE

https://cwe.mitre.org/data/definitions/.html

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.

Affected Software

Name	Vendor	Start Version	End Version
Apex_one	Trendmicro	2019 (including)	2019 (including)
Officescan	Trendmicro	xg-sp1 (including)	xg-sp1 (including)

References

https://success.trendmicro.com/solution/000281947
https://success.trendmicro.com/solution/000281949
https://www.zerodayinitiative.com/advisories/ZDI-20-1376/
https://success.trendmicro.com/solution/000281947
https://success.trendmicro.com/solution/000281949
https://www.zerodayinitiative.com/advisories/ZDI-20-1376/