An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product?s management console in order to exploit this vulnerability.
|trendmicro:officescan_business_security||trendmicro officescan business security||10.0|
|trendmicro:apex_one||trendmicro apex one||2019|
|trendmicro:worry-free_business_security||trendmicro worry-free business security||10.0|
Trend Micro Systems Multiple Products Improper Input Validation Vulnerability
Trend Micro Worry-Free Business Security (WFBS) 10.0 SP1 < 10.0 SP1 Patch 2329 Multiple Vulnerabilities (000287820)
Trend Micro OfficeScan 10 SP1 < 10 SP1 Patch 2329 Multiple Vulnerabilities (000287815)
Qualys Response to CISA Alert: Binding Operational Directive 22-01