Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Deep Security Manager Security Vulnerabilities

cve
cve

CVE-2022-23119

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security...

7.5CVSS

7.4AI Score

0.002EPSS

2022-01-20 07:15 PM
39
cve
cve

CVE-2021-25252

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted...

5.5CVSS

5.4AI Score

0.0004EPSS

2021-03-03 04:15 PM
31
cve
cve

CVE-2020-15605

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...

8.1CVSS

8.1AI Score

0.003EPSS

2020-08-27 09:15 PM
20
cve
cve

CVE-2020-15601

If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this...

8.1CVSS

8.2AI Score

0.003EPSS

2020-08-27 09:15 PM
23
cve
cve

CVE-2020-8602

A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code...

7.2CVSS

7.2AI Score

0.003EPSS

2020-08-27 09:15 PM
22
cve
cve

CVE-2019-15626

The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or...

7.5CVSS

7.5AI Score

0.002EPSS

2019-10-17 07:15 PM
34
cve
cve

CVE-2019-9488

Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager...

4.9CVSS

5AI Score

0.001EPSS

2019-09-11 06:15 PM
25