A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's login authentication by falsifying request parameters on affected installations.
References
Link | Resource |
---|---|
https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4553 | Patch Vendor Advisory |
https://jvn.jp/en/jp/JVN36454862/index.html | Patch Third Party Advisory |
https://success.trendmicro.com/solution/000291528 | Patch Vendor Advisory |
https://www.ipa.go.jp/security/ciadr/vul/20220913-jvn.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 03:52
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's login authentication by falsifying request parameters on affected installations. |
21 Sep 2022, 13:30
Type | Values Removed | Values Added |
---|---|---|
References | (N/A) https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4553 - Patch, Vendor Advisory | |
References | (N/A) https://success.trendmicro.com/solution/000291528 - Patch, Vendor Advisory | |
References | (N/A) https://jvn.jp/en/jp/JVN36454862/index.html - Patch, Third Party Advisory | |
References | (N/A) https://www.ipa.go.jp/security/ciadr/vul/20220913-jvn.html - Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-287 | |
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:trendmicro:apex_one:-:*:*:*:*:saas:*:* cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:* |
|
First Time |
Trendmicro apex One
Microsoft windows Microsoft Trendmicro |
19 Sep 2022, 18:33
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-19 18:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-40144
Mitre link : CVE-2022-40144
CVE.ORG link : CVE-2022-40144
JSON object : View
Products Affected
microsoft
- windows
trendmicro
- apex_one
CWE
CWE-287
Improper Authentication