NotCVE - vendor:"Trendmicro" product:"Serverprotect For Storage" version:"6.0"

4 results (0.009 seconds)

CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1

CVE-2022-25331

https://notcve.org/view.php?id=CVE-2022-25331

24 Feb 2022 — Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. Unas excepciones no capturadas que pueden generarse en Trend Micro ServerProtection Information Server versión 6.0/5.8, podrían permitir a un atacante remoto bloquear el proceso • https://success.trendmicro.com/solution/000290507 •

CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 1

CVE-2022-25330

https://notcve.org/view.php?id=CVE-2022-25330

24 Feb 2022 — Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution. Unas condiciones de desbordamiento de enteros que se presentan en Trend Micro ServerProtect Information Server versión 6.0/5.8, podrían permitir a un atacante remoto bloquear el proceso o lograr una ejecución de código remota • https://success.trendmicro.com/solution/000290507 • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0

CVE-2022-25329

https://notcve.org/view.php?id=CVE-2022-25329

24 Feb 2022 — Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions. Trend Micro ServerProtect Information Server versión 6.0/5.8, usa una credencial estática para llevar a cabo la autenticación cuando es escrito un comando específico en la consola. Un atacante remoto no aut... • https://success.trendmicro.com/solution/000290507 • CWE-798: Use of Hard-coded Credentials •

CVSS: 5.5EPSS: 0%CPEs: 39EXPL: 0

CVE-2021-25252

https://notcve.org/view.php?id=CVE-2021-25252

03 Mar 2021 — Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. La API Virus Scan (VSAPI) y el Advanced Threat Scan Engine (ATSE) de Trend Micro, son susceptibles a una vulnerabilidad de agotamiento de la memoria que puede conllevar a una denegación de servicio o a un congelamiento del sistema si es explotada por un atacante usando ... • https://success.trendmicro.com/solution/000285675 • CWE-400: Uncontrolled Resource Consumption •