Cross-Site Scripting Vulnerability in Trend Micro Apex Central
CVE-2023-32534

6.1MEDIUM

Key Information:

Vendor
Trend Micro
Status
Trend Micro Apex Central
Vendor
CVE Published:
26 June 2023

Summary

Certain dashboard widgets within Trend Micro Apex Central (on-premise) are susceptible to cross-site scripting (XSS) vulnerabilities. These weaknesses could potentially allow attackers to execute remote code on compromised servers. Vigilance is necessary as such vulnerabilities can lead to significant security breaches if exploited.

Affected Version(s)

Trend Micro Apex Central 2019 (8.0) < 8.0.0.6394

References

https://success.trendmicro.com/dcx/s/solution/000293107?l...
https://www.zerodayinitiative.com/advisories/ZDI-23-725/

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.