Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities found for Trend Micro ServerProtect for Storage by Trend Micro
CVE-2022-25331 (GCVE-0-2022-25331)
Vulnerability from cvelistv5 – Published: 2022-02-24 02:45 – Updated: 2024-08-03 04:36
VLAI
Summary
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
Severity
No CVSS data available.
CWE
- Command DoS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000290507 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2022-05 | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell NetWare |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:24.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-25331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000290507",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"name": "https://www.tenable.com/security/research/tra-2022-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-25331",
"datePublished": "2022-02-24T02:45:24.000Z",
"dateReserved": "2022-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25330 (GCVE-0-2022-25330)
Vulnerability from cvelistv5 – Published: 2022-02-24 02:45 – Updated: 2024-08-03 04:36
VLAI
Summary
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
Severity
No CVSS data available.
CWE
- Command Integer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000290507 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2022-05 | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell NetWare |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:22.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-25330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000290507",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"name": "https://www.tenable.com/security/research/tra-2022-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-25330",
"datePublished": "2022-02-24T02:45:22.000Z",
"dateReserved": "2022-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25329 (GCVE-0-2022-25329)
Vulnerability from cvelistv5 – Published: 2022-02-24 02:45 – Updated: 2024-08-03 04:36
VLAI
Summary
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.
Severity
No CVSS data available.
CWE
- Static Credential
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000290507 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2022-05 | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell NetWare |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Static Credential",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:21.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-25329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Static Credential"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000290507",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"name": "https://www.tenable.com/security/research/tra-2022-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-25329",
"datePublished": "2022-02-24T02:45:21.000Z",
"dateReserved": "2022-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36745 (GCVE-0-2021-36745)
Vulnerability from cvelistv5 – Published: 2021-09-29 10:21 – Updated: 2024-08-04 01:01
VLAI
Summary
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000289038 | x_refsource_MISC |
| https://success.trendmicro.com/jp/solution/000289030 | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell Netware |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000289038"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/jp/solution/000289030"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell Netware",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T10:21:30.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000289038"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/jp/solution/000289030"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-36745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell Netware",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000289038",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000289038"
},
{
"name": "https://success.trendmicro.com/jp/solution/000289030",
"refsource": "MISC",
"url": "https://success.trendmicro.com/jp/solution/000289030"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-36745",
"datePublished": "2021-09-29T10:21:30.000Z",
"dateReserved": "2021-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:01:59.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25331 (GCVE-0-2022-25331)
Vulnerability from nvd – Published: 2022-02-24 02:45 – Updated: 2024-08-03 04:36
VLAI
Summary
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
Severity
No CVSS data available.
CWE
- Command DoS
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000290507 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2022-05 | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell NetWare |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:24.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-25331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000290507",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"name": "https://www.tenable.com/security/research/tra-2022-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-25331",
"datePublished": "2022-02-24T02:45:24.000Z",
"dateReserved": "2022-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25330 (GCVE-0-2022-25330)
Vulnerability from nvd – Published: 2022-02-24 02:45 – Updated: 2024-08-03 04:36
VLAI
Summary
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
Severity
No CVSS data available.
CWE
- Command Integer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000290507 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2022-05 | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell NetWare |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:22.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-25330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000290507",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"name": "https://www.tenable.com/security/research/tra-2022-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-25330",
"datePublished": "2022-02-24T02:45:22.000Z",
"dateReserved": "2022-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25329 (GCVE-0-2022-25329)
Vulnerability from nvd – Published: 2022-02-24 02:45 – Updated: 2024-08-03 04:36
VLAI
Summary
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.
Severity
No CVSS data available.
CWE
- Static Credential
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000290507 | x_refsource_MISC |
| https://www.tenable.com/security/research/tra-2022-05 | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell NetWare |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Static Credential",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:21.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2022-25329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Static Credential"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000290507",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000290507"
},
{
"name": "https://www.tenable.com/security/research/tra-2022-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2022-25329",
"datePublished": "2022-02-24T02:45:21.000Z",
"dateReserved": "2022-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36745 (GCVE-0-2021-36745)
Vulnerability from nvd – Published: 2021-09-29 10:21 – Updated: 2024-08-04 01:01
VLAI
Summary
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://success.trendmicro.com/solution/000289038 | x_refsource_MISC |
| https://success.trendmicro.com/jp/solution/000289030 | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trend Micro | Trend Micro ServerProtect for Storage |
Affected:
6.0
|
|
| Trend Micro | Trend Micro ServerProtect for EMC Celerra |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Network Appliance Filers |
Affected:
5.8
|
|
| Trend Micro | Trend Micro ServerProtect for Microsoft Windows / Novell Netware |
Affected:
5.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/solution/000289038"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://success.trendmicro.com/jp/solution/000289030"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Trend Micro ServerProtect for Storage",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"product": "Trend Micro ServerProtect for EMC Celerra",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Network Appliance Filers",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
},
{
"product": "Trend Micro ServerProtect for Microsoft Windows / Novell Netware",
"vendor": "Trend Micro",
"versions": [
{
"status": "affected",
"version": "5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T10:21:30.000Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/solution/000289038"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://success.trendmicro.com/jp/solution/000289030"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-36745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro ServerProtect for Storage",
"version": {
"version_data": [
{
"version_value": "6.0"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for EMC Celerra",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Network Appliance Filers",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
},
{
"product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell Netware",
"version": {
"version_data": [
{
"version_value": "5.8"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://success.trendmicro.com/solution/000289038",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/000289038"
},
{
"name": "https://success.trendmicro.com/jp/solution/000289030",
"refsource": "MISC",
"url": "https://success.trendmicro.com/jp/solution/000289030"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1115/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2021-36745",
"datePublished": "2021-09-29T10:21:30.000Z",
"dateReserved": "2021-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:01:59.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}