First published: Mon Jun 26 2023(Updated: )
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553
Credit: security@trendmicro.com security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | <14.0.12105 | |
Trendmicro Apex One | =2019 | |
Microsoft Windows | ||
Trend Micro Apex One | ||
All of | ||
Any of | ||
Trendmicro Apex One | <14.0.12105 | |
Trendmicro Apex One | =2019 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-32552.
The severity of CVE-2023-32552 is medium.
CVE-2023-32552 allows remote attackers to disclose sensitive information through the web console of Trend Micro Apex One without requiring authentication.
Trend Micro Apex One versions up to 14.0.12105 and 2019 are affected by CVE-2023-32552.
To fix CVE-2023-32552, apply the necessary security patches provided by Trend Micro.