Email Verification Request Vulnerability in Trend Micro ID Security
CVE-2024-53647

6.5MEDIUM

Key Information:

Vendor: Trend Micro
Status: Trend Micro Id Security
Vendor: CVE Published:; 31 December 2024

Summary

The identified vulnerability in Trend Micro ID Security versions 3.0 and below enables an attacker to exploit the system by sending an unrestricted number of email verification requests. This flaw can lead to potential misuse or overwhelm the system, resulting in service disruptions. Organizations using these versions are urged to assess their security posture and consider applying necessary updates or patches to mitigate the risks associated with this vulnerability.

Affected Version(s)

Trend Micro ID Security 3.0

References

https://helpcenter.trendmicro.com/en-us/article/tmka-06710

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Nov 21, 2024

Collectors

NVD DatabaseMitre Database