An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch level information.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Apex_one | Trendmicro | 2019 (including) | 2019 (including) |
| Officescan | Trendmicro | xg-sp1 (including) | xg-sp1 (including) |
| Worry-free_business_security | Trendmicro | 10.0-sp1 (including) | 10.0-sp1 (including) |
References
- https://success.trendmicro.com/solution/000284202
- https://success.trendmicro.com/solution/000284205
- https://success.trendmicro.com/solution/000284206
- https://www.zerodayinitiative.com/advisories/ZDI-21-116/
- https://success.trendmicro.com/solution/000284202
- https://success.trendmicro.com/solution/000284205
- https://success.trendmicro.com/solution/000284206
- https://www.zerodayinitiative.com/advisories/ZDI-21-116/