CVE-2021-32465
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/08/2021
Last modified:
12/08/2021
Description
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
6.50
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:* | ||
cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page