CVE-2019-9489
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
05/04/2019
Last modified:
24/09/2021
Description
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:trendmicro:apex_one:*:*:*:*:*:*:*:* | b1066 (including) | |
| cpe:2.3:a:trendmicro:apex_one_as_a_service:*:*:*:*:*:*:*:* | 2019-03-27 (excluding) | |
| cpe:2.3:a:trendmicro:business_security:9.0:sp3:*:*:*:*:*:* | ||
| cpe:2.3:a:trendmicro:officescan:11.0:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:trendmicro:officescan:xg:*:*:*:*:*:*:* | ||
| cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:trendmicro:worry-free_business_security:9.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:trendmicro:worry-free_business_security:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page