CVE-2023-38624

A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

Multiple server-side request forgery vulnerabilities in Trend Micro Apex Central (July 2023)

Overview Trend Micro Apex Central is vulnerable to multiple server-side request forgeries. Trend Micro Incorporated has released Patch 5 build 6481 for Trend Micro Apex Central. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact...

PT-2023-4353 · Trend Micro · Trend Micro Apex Central

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central versions prior to build 6481 Description: A server-side request forgery SSRF vulnerability could allow an attacker to interact with internal or local services directly. The attacker must first obtain the ability to...

PT-2023-4351 · Trend Micro · Trend Micro Apex Central

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central versions prior to build 6481 Trend Micro Apex Central 2019 version = Build 6394 Description: The issue is related to insufficient validation of incoming requests in the modDeepSecurity widget of the monitoring panel o...