ZDI-23-653: Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability
First published: Wed May 17 2023(Updated: )
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro Apex One |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is ZDI-23-653?
ZDI-23-653 is an improper access control information disclosure vulnerability in Trend Micro Apex One.
What is the severity of ZDI-23-653?
The severity of ZDI-23-653 is medium, with a severity value of 6.5.
How can this vulnerability be exploited?
This vulnerability can be exploited by remote attackers to disclose sensitive information without authentication through the web console of Trend Micro Apex One.
Is authentication required to exploit ZDI-23-653?
No, authentication is not required to exploit ZDI-23-653.
How do I fix ZDI-23-653?
To fix ZDI-23-653, apply the necessary security patches or updates provided by Trend Micro.
- collector/zdi-published
- alias/ZDI-CAN-17965
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/references
- agent/severity
- agent/title
- agent/tags
- agent/event
- agent/description
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-23-653
- alias/CVE-2023-32553
- agent/software-canonical-lookup
- vendor/trend micro
- canonical/trend micro apex one