Lucene search
K
TrendmicroTrend Vision One

5 matches found

CVE
CVE
added 2025/04/02 4:38 p.m.74 views

CVE-2025-31282

Affected software: Trend Vision One (Trend Micro) — Trend Vision One User Account component. Description from connected documents confirms a broken access control flaw that could let an administrator create users who then change the account’s role, enabling privilege escalation. Root cause identi...

7.2CVSS7.3AI score0.00255EPSS
CVE
CVE
added 2025/04/02 4:39 p.m.61 views

CVE-2025-31284

CVE-2025-31284 affects Trend Vision One Status component. The vulnerability was a broken access control that could let an administrator create users who could then change account roles and escalate privileges. Documents indicate the issue has been addressed on the backend service and is no longer...

7.2CVSS7.3AI score0.00257EPSS
CVE
CVE
added 2025/04/02 4:39 p.m.56 views

CVE-2025-31285

The CVE refers to a broken access control issue in Trend Vision One’s Role Name component that could enable an administrator to create users who can change account roles, leading to privilege escalation. The root cause is described as improper access control within that component. Multiple source...

7.2CVSS7.3AI score0.00257EPSS
CVE
CVE
added 2025/04/02 4:39 p.m.55 views

CVE-2025-31286

CVE-2025-31286 refers to an HTML injection vulnerability in Trend Vision One. A malicious user could have caused arbitrary code execution via the affected HTML injection pathway. The issue has been addressed on the backend service and is no longer considered an active vulnerability; no user actio...

9CVSS7.6AI score0.00413EPSS
CVE
CVE
added 2025/04/02 4:39 p.m.51 views

CVE-2025-31283

CVE-2025-31283 concerns Trend Micro Trend Vision One, specifically the User Roles component. The issue describes broken access control that could let an administrator create users who can subsequently change their account’s role, enabling privilege escalation. Multiple connected sources confirm t...

7.2CVSS7.3AI score0.00257EPSS