Lucene search
HistoryJan 20, 2022 - 7:15 p.m.
CVE-2022-23120
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
17.9%
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in an un-activated and unconfigured state in order to exploit this vulnerability.
Affected configurations
Node
trendmicrodeep_security_agentRange20.0β20.0.0-3445long_term_support
ORtrendmicrodeep_security_agentMatch10.0-long_term_support
ORtrendmicrodeep_security_agentMatch10.0update1long_term_support
ORtrendmicrodeep_security_agentMatch10.0update10long_term_support
ORtrendmicrodeep_security_agentMatch10.0update11long_term_support
ORtrendmicrodeep_security_agentMatch10.0update12long_term_support
ORtrendmicrodeep_security_agentMatch10.0update13long_term_support
ORtrendmicrodeep_security_agentMatch10.0update14long_term_support
ORtrendmicrodeep_security_agentMatch10.0update15long_term_support
ORtrendmicrodeep_security_agentMatch10.0update16long_term_support
ORtrendmicrodeep_security_agentMatch10.0update17long_term_support
ORtrendmicrodeep_security_agentMatch10.0update18long_term_support
ORtrendmicrodeep_security_agentMatch10.0update19long_term_support
ORtrendmicrodeep_security_agentMatch10.0update2long_term_support
ORtrendmicrodeep_security_agentMatch10.0update20long_term_support
ORtrendmicrodeep_security_agentMatch10.0update21long_term_support
ORtrendmicrodeep_security_agentMatch10.0update22long_term_support
ORtrendmicrodeep_security_agentMatch10.0update23long_term_support
ORtrendmicrodeep_security_agentMatch10.0update24long_term_support
ORtrendmicrodeep_security_agentMatch10.0update25long_term_support
ORtrendmicrodeep_security_agentMatch10.0update26long_term_support
ORtrendmicrodeep_security_agentMatch10.0update27long_term_support
ORtrendmicrodeep_security_agentMatch10.0update28long_term_support
ORtrendmicrodeep_security_agentMatch10.0update29long_term_support
ORtrendmicrodeep_security_agentMatch10.0update3long_term_support
ORtrendmicrodeep_security_agentMatch10.0update30long_term_support
ORtrendmicrodeep_security_agentMatch10.0update31long_term_support
ORtrendmicrodeep_security_agentMatch10.0update4long_term_support
ORtrendmicrodeep_security_agentMatch10.0update5long_term_support
ORtrendmicrodeep_security_agentMatch10.0update6long_term_support
ORtrendmicrodeep_security_agentMatch10.0update7long_term_support
ORtrendmicrodeep_security_agentMatch10.0update8long_term_support
ORtrendmicrodeep_security_agentMatch10.0update9long_term_support
ORtrendmicrodeep_security_agentMatch11.0-long_term_support
ORtrendmicrodeep_security_agentMatch11.0update1long_term_support
ORtrendmicrodeep_security_agentMatch11.0update10long_term_support
ORtrendmicrodeep_security_agentMatch11.0update11long_term_support
ORtrendmicrodeep_security_agentMatch11.0update12long_term_support
ORtrendmicrodeep_security_agentMatch11.0update13long_term_support
ORtrendmicrodeep_security_agentMatch11.0update14long_term_support
ORtrendmicrodeep_security_agentMatch11.0update15long_term_support
ORtrendmicrodeep_security_agentMatch11.0update16long_term_support
ORtrendmicrodeep_security_agentMatch11.0update17long_term_support
ORtrendmicrodeep_security_agentMatch11.0update18long_term_support
ORtrendmicrodeep_security_agentMatch11.0update19long_term_support
ORtrendmicrodeep_security_agentMatch11.0update2long_term_support
ORtrendmicrodeep_security_agentMatch11.0update20long_term_support
ORtrendmicrodeep_security_agentMatch11.0update21long_term_support
ORtrendmicrodeep_security_agentMatch11.0update22long_term_support
ORtrendmicrodeep_security_agentMatch11.0update23long_term_support
ORtrendmicrodeep_security_agentMatch11.0update24long_term_support
ORtrendmicrodeep_security_agentMatch11.0update25long_term_support
ORtrendmicrodeep_security_agentMatch11.0update26long_term_support
ORtrendmicrodeep_security_agentMatch11.0update27long_term_support
ORtrendmicrodeep_security_agentMatch11.0update3long_term_support
ORtrendmicrodeep_security_agentMatch11.0update4long_term_support
ORtrendmicrodeep_security_agentMatch11.0update5long_term_support
ORtrendmicrodeep_security_agentMatch11.0update6long_term_support
ORtrendmicrodeep_security_agentMatch11.0update7long_term_support
ORtrendmicrodeep_security_agentMatch11.0update8long_term_support
ORtrendmicrodeep_security_agentMatch11.0update9long_term_support
ORtrendmicrodeep_security_agentMatch12.0-long_term_support
ORtrendmicrodeep_security_agentMatch12.0update1long_term_support
ORtrendmicrodeep_security_agentMatch12.0update10long_term_support
ORtrendmicrodeep_security_agentMatch12.0update11long_term_support
ORtrendmicrodeep_security_agentMatch12.0update12long_term_support
ORtrendmicrodeep_security_agentMatch12.0update13long_term_support
ORtrendmicrodeep_security_agentMatch12.0update14long_term_support
ORtrendmicrodeep_security_agentMatch12.0update15long_term_support
ORtrendmicrodeep_security_agentMatch12.0update16long_term_support
ORtrendmicrodeep_security_agentMatch12.0update17long_term_support
ORtrendmicrodeep_security_agentMatch12.0update18long_term_support
ORtrendmicrodeep_security_agentMatch12.0update19long_term_support
ORtrendmicrodeep_security_agentMatch12.0update2long_term_support
ORtrendmicrodeep_security_agentMatch12.0update20long_term_support
ORtrendmicrodeep_security_agentMatch12.0update21long_term_support
ORtrendmicrodeep_security_agentMatch12.0update3long_term_support
ORtrendmicrodeep_security_agentMatch12.0update4long_term_support
ORtrendmicrodeep_security_agentMatch12.0update5long_term_support
ORtrendmicrodeep_security_agentMatch12.0update6long_term_support
ORtrendmicrodeep_security_agentMatch12.0update7long_term_support
ORtrendmicrodeep_security_agentMatch12.0update8long_term_support
ORtrendmicrodeep_security_agentMatch12.0update9long_term_support
linuxlinux_kernelMatch-
Related
cvelist
cvelist
CVE-2022-23120
2022-01-20 18:11:18
checkpoint_advisories
checkpoint_advisories
Trend Micro Deep Security Agent Code Injection (CVE-2022-23120)
2022-03-14 00:00:00
prion
prion
Code injection
2022-01-20 19:15:00
cve
cve
CVE-2022-23120
2022-01-20 19:15:07
cnvd
cnvd
Trend Micro Deep Security代η 注ε
₯ζΌζ΄
2022-01-23 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
17.9%
Related for NVD:CVE-2022-23120