First published: Tue Dec 01 2020(Updated: )
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | =2019 | |
Trendmicro Officescan | =xg-sp1 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-28576.
The severity rating of CVE-2020-28576 is 5.3, which is considered medium.
The affected software for CVE-2020-28576 is Trend Micro Apex One.
No, authentication is not required to exploit CVE-2020-28576.
More information about CVE-2020-28576 can be found at the following references: [Trend Micro Solution](https://success.trendmicro.com/solution/000281949), [Zero Day Initiative Advisory](https://www.zerodayinitiative.com/advisories/ZDI-20-1375/).