Trendmicro Serverprotect — known CVE vulnerabilities
Every CVE whose affected-product data names Trendmicro Serverprotect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2022-25329 — CVSS 9.8 (critical): Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in…
CVE-2021-36745 — CVSS 9.8 (critical): A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers…
CVE-2017-9034 — CVSS 9.8 (critical): Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code…
CVE-2022-25330 — CVSS 9.8 (critical): Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the…
CVE-2020-24561 — CVSS 9.1 (critical): A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an…
CVE-2017-9033 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack…
CVE-2017-9036 — CVSS 7.8 (high): Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine…
CVE-2022-25331 — CVSS 7.5 (high): Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash…
CVE-2017-9035 — CVSS 7.4 (high): Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted…
CVE-2019-14688 — CVSS 7.0 (high): Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had…
CVE-2020-8607 — CVSS 6.7 (medium): An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection…
CVE-2020-28575 — CVSS 6.7 (medium): A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to…
CVE-2017-9032 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to…
CVE-2017-9037 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to…
CVE-2021-25226 — CVSS 5.5 (medium): A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can…
CVE-2021-25252 — CVSS 5.5 (medium): Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may…
CVE-2021-25225 — CVSS 5.5 (medium): A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can…
CVE-2021-25224 — CVSS 5.5 (medium): A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can…