First published: Mon Jun 26 2023(Updated: )
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32552.
Credit: security@trendmicro.com security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | <14.0.12105 | |
Trendmicro Apex One | =2019 | |
Microsoft Windows | ||
Trend Micro Apex One | ||
All of | ||
Any of | ||
Trendmicro Apex One | <14.0.12105 | |
Trendmicro Apex One | =2019 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32553 is a vulnerability that allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One.
CVE-2023-32553 has a severity level of medium (6.5).
CVE-2023-32553 affects Trend Micro Apex One by exposing sensitive information through improper access control within the web console.
No, authentication is not required to exploit CVE-2023-32553.
To fix CVE-2023-32553, users should apply the necessary security patches or updates provided by Trend Micro.