VYPR

Apex One

by Trend Micro

CVEs (171)

  • CVE-2020-28583MedDec 1, 2020
    risk 0.35cvss 5.3epss 0.03

    An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.

  • CVE-2020-28582MedDec 1, 2020
    risk 0.35cvss 5.3epss 0.03

    An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.

  • CVE-2020-28577MedDec 1, 2020
    risk 0.35cvss 5.3epss 0.03

    An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.

  • CVE-2020-28576MedDec 1, 2020
    risk 0.35cvss 5.3epss 0.03

    An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.

  • CVE-2020-28573MedDec 1, 2020
    risk 0.35cvss 5.3epss 0.03

    An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server.

  • CVE-2023-32553MedJun 26, 2023
    risk 0.34cvss 5.3epss 0.00

    An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32552.

  • CVE-2019-19691MedDec 20, 2019
    risk 0.32cvss 4.9epss 0.01

    A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this…

  • CVE-2024-36307MedJun 10, 2024
    risk 0.31cvss 4.7epss 0.01

    A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2020-25774MedSep 29, 2020
    risk 0.28cvss 4.3epss 0.02

    A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red information disclosure which would disclose sensitive information to an unprivileged account. User interaction is required to exploit this…

  • CVE-2025-54948KEVAug 5, 2025
    risk 0.13cvss epss 0.20

    A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

  • CVE-2025-54987Aug 5, 2025
    risk 0.00cvss epss 0.17

    A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different…

Page 9 of 9