The vulnerability of the modTMSL module in the monitoring and security management panel of Trend Micro Apex Central allows a attacker to perform an SSRF attack.

🗓️ 16 Aug 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

The modTMSL module in Trend Micro Apex Central enables remote server side request forgery.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-38624	23 Jan 202422:26	–	circl
CNNVD	Trend Micro Apex Central Security Vulnerability	23 Jan 202400:00	–	cnnvd
CVE	CVE-2023-38624	23 Jan 202420:34	–	cve
Cvelist	CVE-2023-38624	23 Jan 202420:34	–	cvelist
EUVD	EUVD-2023-42423	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple server-side request forgery vulnerabilities in Trend Micro Apex Central (July 2023)	10 Aug 202307:04	–	jvn
NVD	CVE-2023-38624	23 Jan 202421:15	–	nvd
OSV	CVE-2023-38624	23 Jan 202421:15	–	osv
Prion	Server side request forgery (ssrf)	23 Jan 202421:15	–	prion
Prion	Server side request forgery (ssrf)	23 Jan 202421:15	–	prion

Source	Link
success	www.success.trendmicro.com/dcx/s/solution/000294176
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-998/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2023072643
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-998/

16 Aug 2023 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 28

CVSS 39.1

EPSS0.00358

Trend Micro Apex Central modTMSL module remote server side request forgery