cvelistv5 - cve-2022-23119

CVE-2022-23119 (GCVE-0-2022-23119)

Vulnerability from cvelistv5 – Published: 2022-01-20 18:11 – Updated: 2024-08-03 03:36

Summary

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.

Severity ?

No CVSS data available.

CWE

Directory Traversal

Assigner

trendmicro

References

URL

Tags

	https://success.trendmicro.com/solution/000290104	x_refsource_MISC
	https://www.modzero.com/advisories/MZ-21-02-Trend…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Trend Micro	Trend Micro Deep Security Agent for Linux	Affected: 20, 12, 11, 10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:36:19.202Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000290104"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Deep Security Agent for Linux",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "20, 12, 11, 10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Directory Traversal",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-20T18:11:17",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000290104"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-23119",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Deep Security Agent for Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "20, 12, 11, 10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Directory Traversal"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000290104",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000290104"
            },
            {
              "name": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt",
              "refsource": "MISC",
              "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-23119",
    "datePublished": "2022-01-20T18:11:17",
    "dateReserved": "2022-01-11T00:00:00",
    "dateUpdated": "2024-08-03T03:36:19.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*\", \"versionStartIncluding\": \"20.0\", \"versionEndExcluding\": \"20.0.0-3445\", \"matchCriteriaId\": \"B0C257E3-8965-419B-A1CF-A36A0694E772\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"321EB924-8AD5-4BA2-808A-25F802B675B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"09B1BB7D-D806-43B6-B9C4-D7996545C92D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"FC319EA4-53C8-4DE2-AA77-AF51EF8EE2C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"E75B8D37-71C4-46D8-BDEA-4092D3EA422A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"43976B40-11D5-43AB-9204-6D749204121B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F3D52AB1-7932-4257-A779-76A10FBEE4A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"BD9BD10B-BE86-47AC-AB0C-A107A066B234\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"36FED81B-AE50-42EB-9F86-37EF97C9453F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"B7410926-0A0F-4D7D-93AE-11812B0BFAF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"E28EE556-D322-4B03-9C8B-F6DE9A73E3F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"A009F12A-125E-4B4C-ABAD-AFDF52AC9E33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"3A165D79-C3B8-453B-B845-FE7C75FCD887\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"42B6F868-C72D-49D1-B70F-25F6BDCD9A4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"7130DB44-4550-4D28-8114-2C89C7490C9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"283217E3-921F-407C-B08A-5D71C4A39AC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"353D2026-D8DA-4C4B-A933-6BF33C85751E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"BF1DCC0C-E834-436F-8FB1-BD3E857FDCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"EC19A050-324B-427A-BE1C-B9030A07DB7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"E06D04C4-B1F2-4CC0-BD7D-1125001A2211\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"14E90A61-DEC5-4EF0-BFD2-6740F20A8E5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"0FACE806-A137-4F32-A975-A0DCC7613252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"BDB1F56A-D134-49D8-88D0-F9E80E2051FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"EEC17CCA-83FF-45D3-9CDB-27C5E1FA1D28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"03AC8F33-76DE-4159-8FB8-2552D420083A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"661512DC-94BF-4033-BCCF-CEB0B4CF30CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"7DBDF5F7-124B-4776-9803-6A03FEDB2075\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F0D3A45A-1D11-45E0-92D3-E7398CB049E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"C22891AE-781F-4212-B1D3-9E4F5FB0C14E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"A71E3B80-F9A9-45F6-95F5-B6B352FAC27D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"16AAC654-6F7E-4557-B03C-1EAD8C6ABB1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"6E3B910C-0D6E-4E4A-BB0D-40A540AC3F06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"12A1E116-286E-4A47-A44E-360EEA8880AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"E943BEB7-FE23-46EA-ADF0-7F98A4B3CA47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F88232D0-FEEF-485D-B1C9-221C4E967194\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"7C108DC0-117F-46ED-9A72-D876D8203A80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F67BDB9D-A5B8-4510-8C1D-963BBFF2DCA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"1DBFF14B-08E0-4A49-8A74-919F3A5A3D4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"B909B6D7-52B8-4165-9864-3A05F25EC25C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"3B642F2C-D882-418E-8A24-6BD8C40DF42E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"A78B7332-7A88-4BC3-9816-60438392C96D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"B53E159E-9723-4AA2-AA30-B20FB8BE1823\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"8BBC6429-3B3A-4CB2-9829-F0B3DEE23CC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"D55E7CCF-A94E-469A-95EC-37D378AAFB62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"CB6149B2-EDDA-4AB0-B089-5F165776194E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"E14C97A1-E3A1-44E4-9400-D2338809857A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"E9CA17B2-29B0-440E-9941-A286F11D3FBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"C2DF06E1-A427-4F8C-B317-9BD4DF53BB75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"B5660651-78FC-4EB3-9C63-02AE21098F20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"84CB2D0C-D84D-420C-9BB7-1744F9D106D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"5E889298-AF8C-41FB-9130-5E977D4A9F5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"519FABA6-389D-4F7A-994A-0B6840FC01D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"2BABC000-62AE-48EA-952E-E2735702C5FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"60502D21-2275-4A71-A1C3-E9F7730DC26F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F0A6CCFE-B2ED-495C-BAA7-6EBD86DB4DEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"625C44C4-6753-43F4-BD40-BC7B0BD4D063\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"A0A04ED2-5ED5-46E3-BE03-79AD3B31F08F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"8677CC3F-D1C5-493F-9078-3C47DE38C3C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F7D02C0C-CCA6-45DB-A3CC-8CB3454FE4DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"08C0A5A4-5F01-4DDE-84A2-816DEAA2CF3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"3807FB6F-B75B-425D-BF5F-0B6C2501908E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"7D8B777A-D631-476A-B161-D704F25A9BD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"F2239884-756F-4032-BC83-38969192C062\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"C85FB7B4-15AB-4D71-B8E4-FD72BCA47943\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"EEBC3261-6785-494A-AF69-9B9E92C1C449\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"4BDE013F-B4E8-433C-BD95-E6578E8B6E2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"1BD1467E-E658-4F27-8123-6C27C99E95A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"A9611071-E484-4F32-8F18-FD299A60E335\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"D65290CE-9638-45C4-96F9-C0B676FAA834\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"D257AA23-A28F-4110-819F-7D0F246DD2DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"A9F8542C-ED04-483C-AB27-D4FE55558951\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"2616E2DF-8FB3-4B8C-B329-334D794242E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"9C9471AE-E7C2-4789-907D-EC5F1195431E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"4CB292C1-9467-4987-B670-927287503F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"0418BDF2-673B-40CF-BC64-7C4C24AA72FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"14370D4B-5141-4581-8F92-7F9BDB885282\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"2D2D0C04-948C-4B24-A6EC-FB54A57077F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"6F454D5A-1C03-42F6-8639-FC550F5D8B48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"1A824F50-CB92-4FE2-B097-C4DD9E8D65FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"DB62D225-22C1-4452-856A-EFE31CC6FA0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"FD084BE9-D333-4495-874D-4E7DF892494D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"B1CB2EC1-3CEF-4033-A6BB-328D53752BEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*\", \"matchCriteriaId\": \"ED56C9F2-19A4-4E1E-BF02-8E192415E09F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de salto de directorio en Trend Micro Deep Security y Cloud One - Workload Security Agent para Linux versi\\u00f3n 20 y anteriores, podr\\u00eda permitir a un atacante leer archivos arbitrarios del sistema de archivos. Nota: un atacante debe obtener primero un acceso comprometido al Deep Security Manager (DSM) de destino o el agente de destino no debe estar a\\u00fan activado o configurado para poder explotar esta vulnerabilidad\"}]",
      "id": "CVE-2022-23119",
      "lastModified": "2024-11-21T06:48:02.010",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-20T19:15:07.907",
      "references": "[{\"url\": \"https://success.trendmicro.com/solution/000290104\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://success.trendmicro.com/solution/000290104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-23119\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2022-01-20T19:15:07.907\",\"lastModified\":\"2024-11-21T06:48:02.010\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de salto de directorio en Trend Micro Deep Security y Cloud One - Workload Security Agent para Linux versi\u00f3n 20 y anteriores, podr\u00eda permitir a un atacante leer archivos arbitrarios del sistema de archivos. Nota: un atacante debe obtener primero un acceso comprometido al Deep Security Manager (DSM) de destino o el agente de destino no debe estar a\u00fan activado o configurado para poder explotar esta vulnerabilidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*\",\"versionStartIncluding\":\"20.0\",\"versionEndExcluding\":\"20.0.0-3445\",\"matchCriteriaId\":\"B0C257E3-8965-419B-A1CF-A36A0694E772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"321EB924-8AD5-4BA2-808A-25F802B675B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"09B1BB7D-D806-43B6-B9C4-D7996545C92D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"FC319EA4-53C8-4DE2-AA77-AF51EF8EE2C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"E75B8D37-71C4-46D8-BDEA-4092D3EA422A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"43976B40-11D5-43AB-9204-6D749204121B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F3D52AB1-7932-4257-A779-76A10FBEE4A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"BD9BD10B-BE86-47AC-AB0C-A107A066B234\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"36FED81B-AE50-42EB-9F86-37EF97C9453F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"B7410926-0A0F-4D7D-93AE-11812B0BFAF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"E28EE556-D322-4B03-9C8B-F6DE9A73E3F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"A009F12A-125E-4B4C-ABAD-AFDF52AC9E33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"3A165D79-C3B8-453B-B845-FE7C75FCD887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"42B6F868-C72D-49D1-B70F-25F6BDCD9A4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"7130DB44-4550-4D28-8114-2C89C7490C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"283217E3-921F-407C-B08A-5D71C4A39AC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"353D2026-D8DA-4C4B-A933-6BF33C85751E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"BF1DCC0C-E834-436F-8FB1-BD3E857FDCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"EC19A050-324B-427A-BE1C-B9030A07DB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"E06D04C4-B1F2-4CC0-BD7D-1125001A2211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"14E90A61-DEC5-4EF0-BFD2-6740F20A8E5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"0FACE806-A137-4F32-A975-A0DCC7613252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"BDB1F56A-D134-49D8-88D0-F9E80E2051FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"EEC17CCA-83FF-45D3-9CDB-27C5E1FA1D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"03AC8F33-76DE-4159-8FB8-2552D420083A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"661512DC-94BF-4033-BCCF-CEB0B4CF30CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"7DBDF5F7-124B-4776-9803-6A03FEDB2075\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F0D3A45A-1D11-45E0-92D3-E7398CB049E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"C22891AE-781F-4212-B1D3-9E4F5FB0C14E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"A71E3B80-F9A9-45F6-95F5-B6B352FAC27D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"16AAC654-6F7E-4557-B03C-1EAD8C6ABB1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"6E3B910C-0D6E-4E4A-BB0D-40A540AC3F06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"12A1E116-286E-4A47-A44E-360EEA8880AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"E943BEB7-FE23-46EA-ADF0-7F98A4B3CA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F88232D0-FEEF-485D-B1C9-221C4E967194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"7C108DC0-117F-46ED-9A72-D876D8203A80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F67BDB9D-A5B8-4510-8C1D-963BBFF2DCA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"1DBFF14B-08E0-4A49-8A74-919F3A5A3D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"B909B6D7-52B8-4165-9864-3A05F25EC25C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"3B642F2C-D882-418E-8A24-6BD8C40DF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"A78B7332-7A88-4BC3-9816-60438392C96D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"B53E159E-9723-4AA2-AA30-B20FB8BE1823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"8BBC6429-3B3A-4CB2-9829-F0B3DEE23CC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"D55E7CCF-A94E-469A-95EC-37D378AAFB62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"CB6149B2-EDDA-4AB0-B089-5F165776194E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"E14C97A1-E3A1-44E4-9400-D2338809857A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"E9CA17B2-29B0-440E-9941-A286F11D3FBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"C2DF06E1-A427-4F8C-B317-9BD4DF53BB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"B5660651-78FC-4EB3-9C63-02AE21098F20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"84CB2D0C-D84D-420C-9BB7-1744F9D106D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"5E889298-AF8C-41FB-9130-5E977D4A9F5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"519FABA6-389D-4F7A-994A-0B6840FC01D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"2BABC000-62AE-48EA-952E-E2735702C5FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"60502D21-2275-4A71-A1C3-E9F7730DC26F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F0A6CCFE-B2ED-495C-BAA7-6EBD86DB4DEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"625C44C4-6753-43F4-BD40-BC7B0BD4D063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"A0A04ED2-5ED5-46E3-BE03-79AD3B31F08F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"8677CC3F-D1C5-493F-9078-3C47DE38C3C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F7D02C0C-CCA6-45DB-A3CC-8CB3454FE4DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"08C0A5A4-5F01-4DDE-84A2-816DEAA2CF3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"3807FB6F-B75B-425D-BF5F-0B6C2501908E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"7D8B777A-D631-476A-B161-D704F25A9BD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"F2239884-756F-4032-BC83-38969192C062\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"C85FB7B4-15AB-4D71-B8E4-FD72BCA47943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"EEBC3261-6785-494A-AF69-9B9E92C1C449\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"4BDE013F-B4E8-433C-BD95-E6578E8B6E2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"1BD1467E-E658-4F27-8123-6C27C99E95A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"A9611071-E484-4F32-8F18-FD299A60E335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"D65290CE-9638-45C4-96F9-C0B676FAA834\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"D257AA23-A28F-4110-819F-7D0F246DD2DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"A9F8542C-ED04-483C-AB27-D4FE55558951\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"2616E2DF-8FB3-4B8C-B329-334D794242E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"9C9471AE-E7C2-4789-907D-EC5F1195431E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"4CB292C1-9467-4987-B670-927287503F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"0418BDF2-673B-40CF-BC64-7C4C24AA72FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"14370D4B-5141-4581-8F92-7F9BDB885282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"2D2D0C04-948C-4B24-A6EC-FB54A57077F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"6F454D5A-1C03-42F6-8639-FC550F5D8B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"1A824F50-CB92-4FE2-B097-C4DD9E8D65FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"DB62D225-22C1-4452-856A-EFE31CC6FA0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"FD084BE9-D333-4495-874D-4E7DF892494D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"B1CB2EC1-3CEF-4033-A6BB-328D53752BEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*\",\"matchCriteriaId\":\"ED56C9F2-19A4-4E1E-BF02-8E192415E09F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/solution/000290104\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/000290104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

FKIE_CVE-2022-23119

Vulnerability from fkie_nvd - Published: 2022-01-20 19:15 - Updated: 2024-11-21 06:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security@trendmicro.com	https://success.trendmicro.com/solution/000290104	Mitigation, Patch, Vendor Advisory
security@trendmicro.com	https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://success.trendmicro.com/solution/000290104	Mitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
trendmicro	deep_security_agent	*
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	10.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	11.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
trendmicro	deep_security_agent	12.0
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B0C257E3-8965-419B-A1CF-A36A0694E772",
              "versionEndExcluding": "20.0.0-3445",
              "versionStartIncluding": "20.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "321EB924-8AD5-4BA2-808A-25F802B675B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "09B1BB7D-D806-43B6-B9C4-D7996545C92D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "FC319EA4-53C8-4DE2-AA77-AF51EF8EE2C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E75B8D37-71C4-46D8-BDEA-4092D3EA422A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "43976B40-11D5-43AB-9204-6D749204121B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F3D52AB1-7932-4257-A779-76A10FBEE4A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BD9BD10B-BE86-47AC-AB0C-A107A066B234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "36FED81B-AE50-42EB-9F86-37EF97C9453F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B7410926-0A0F-4D7D-93AE-11812B0BFAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E28EE556-D322-4B03-9C8B-F6DE9A73E3F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A009F12A-125E-4B4C-ABAD-AFDF52AC9E33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3A165D79-C3B8-453B-B845-FE7C75FCD887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "42B6F868-C72D-49D1-B70F-25F6BDCD9A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7130DB44-4550-4D28-8114-2C89C7490C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "283217E3-921F-407C-B08A-5D71C4A39AC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "353D2026-D8DA-4C4B-A933-6BF33C85751E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BF1DCC0C-E834-436F-8FB1-BD3E857FDCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EC19A050-324B-427A-BE1C-B9030A07DB7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E06D04C4-B1F2-4CC0-BD7D-1125001A2211",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "14E90A61-DEC5-4EF0-BFD2-6740F20A8E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0FACE806-A137-4F32-A975-A0DCC7613252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BDB1F56A-D134-49D8-88D0-F9E80E2051FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EEC17CCA-83FF-45D3-9CDB-27C5E1FA1D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "03AC8F33-76DE-4159-8FB8-2552D420083A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "661512DC-94BF-4033-BCCF-CEB0B4CF30CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7DBDF5F7-124B-4776-9803-6A03FEDB2075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F0D3A45A-1D11-45E0-92D3-E7398CB049E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C22891AE-781F-4212-B1D3-9E4F5FB0C14E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A71E3B80-F9A9-45F6-95F5-B6B352FAC27D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "16AAC654-6F7E-4557-B03C-1EAD8C6ABB1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6E3B910C-0D6E-4E4A-BB0D-40A540AC3F06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "12A1E116-286E-4A47-A44E-360EEA8880AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E943BEB7-FE23-46EA-ADF0-7F98A4B3CA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F88232D0-FEEF-485D-B1C9-221C4E967194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7C108DC0-117F-46ED-9A72-D876D8203A80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F67BDB9D-A5B8-4510-8C1D-963BBFF2DCA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1DBFF14B-08E0-4A49-8A74-919F3A5A3D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B909B6D7-52B8-4165-9864-3A05F25EC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3B642F2C-D882-418E-8A24-6BD8C40DF42E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A78B7332-7A88-4BC3-9816-60438392C96D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B53E159E-9723-4AA2-AA30-B20FB8BE1823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "8BBC6429-3B3A-4CB2-9829-F0B3DEE23CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D55E7CCF-A94E-469A-95EC-37D378AAFB62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CB6149B2-EDDA-4AB0-B089-5F165776194E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E14C97A1-E3A1-44E4-9400-D2338809857A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E9CA17B2-29B0-440E-9941-A286F11D3FBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C2DF06E1-A427-4F8C-B317-9BD4DF53BB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B5660651-78FC-4EB3-9C63-02AE21098F20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "84CB2D0C-D84D-420C-9BB7-1744F9D106D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "5E889298-AF8C-41FB-9130-5E977D4A9F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "519FABA6-389D-4F7A-994A-0B6840FC01D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2BABC000-62AE-48EA-952E-E2735702C5FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "60502D21-2275-4A71-A1C3-E9F7730DC26F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F0A6CCFE-B2ED-495C-BAA7-6EBD86DB4DEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "625C44C4-6753-43F4-BD40-BC7B0BD4D063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A0A04ED2-5ED5-46E3-BE03-79AD3B31F08F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "8677CC3F-D1C5-493F-9078-3C47DE38C3C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F7D02C0C-CCA6-45DB-A3CC-8CB3454FE4DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "08C0A5A4-5F01-4DDE-84A2-816DEAA2CF3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3807FB6F-B75B-425D-BF5F-0B6C2501908E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7D8B777A-D631-476A-B161-D704F25A9BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F2239884-756F-4032-BC83-38969192C062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C85FB7B4-15AB-4D71-B8E4-FD72BCA47943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EEBC3261-6785-494A-AF69-9B9E92C1C449",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "4BDE013F-B4E8-433C-BD95-E6578E8B6E2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1BD1467E-E658-4F27-8123-6C27C99E95A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A9611071-E484-4F32-8F18-FD299A60E335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D65290CE-9638-45C4-96F9-C0B676FAA834",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D257AA23-A28F-4110-819F-7D0F246DD2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A9F8542C-ED04-483C-AB27-D4FE55558951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2616E2DF-8FB3-4B8C-B329-334D794242E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9C9471AE-E7C2-4789-907D-EC5F1195431E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "4CB292C1-9467-4987-B670-927287503F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0418BDF2-673B-40CF-BC64-7C4C24AA72FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "14370D4B-5141-4581-8F92-7F9BDB885282",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2D2D0C04-948C-4B24-A6EC-FB54A57077F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6F454D5A-1C03-42F6-8639-FC550F5D8B48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1A824F50-CB92-4FE2-B097-C4DD9E8D65FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "DB62D225-22C1-4452-856A-EFE31CC6FA0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "FD084BE9-D333-4495-874D-4E7DF892494D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B1CB2EC1-3CEF-4033-A6BB-328D53752BEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "ED56C9F2-19A4-4E1E-BF02-8E192415E09F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de salto de directorio en Trend Micro Deep Security y Cloud One - Workload Security Agent para Linux versi\u00f3n 20 y anteriores, podr\u00eda permitir a un atacante leer archivos arbitrarios del sistema de archivos. Nota: un atacante debe obtener primero un acceso comprometido al Deep Security Manager (DSM) de destino o el agente de destino no debe estar a\u00fan activado o configurado para poder explotar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2022-23119",
  "lastModified": "2024-11-21T06:48:02.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-20T19:15:07.907",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/solution/000290104"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/solution/000290104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2022-AVI-061

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans TrendMicro Deep Security Agent. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 11.x antérieures à 11.0 Update 28
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 20.x antérieures à 20.0.0-3445
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 12.x antérieures à 12.0 Update 22
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 10.x antérieures à 10.0 Update 32

References

Title

Publication Time

Tags

Bulletin de sécurité TrendMicro 000290104 du 19 janvier 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TrendMicro Deep Security Agent versions 11.x ant\u00e9rieures \u00e0 11.0 Update 28",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "TrendMicro Deep Security Agent versions 20.x ant\u00e9rieures \u00e0 20.0.0-3445",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "TrendMicro Deep Security Agent versions 12.x ant\u00e9rieures \u00e0 12.0 Update 22",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "TrendMicro Deep Security Agent versions 10.x ant\u00e9rieures \u00e0 10.0 Update 32",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-23120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23120"
    },
    {
      "name": "CVE-2022-23119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23119"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-061",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-01-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans TrendMicro Deep\nSecurity Agent. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans TrendMicro Deep Security Agent",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TrendMicro 000290104 du 19 janvier 2022",
      "url": "https://success.trendmicro.com/solution/000290104"
    }
  ]
}

CERTFR-2022-AVI-061

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 11.x antérieures à 11.0 Update 28
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 20.x antérieures à 20.0.0-3445
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 12.x antérieures à 12.0 Update 22
Trend Micro	Deep Security Agent	TrendMicro Deep Security Agent versions 10.x antérieures à 10.0 Update 32

References

Title

Publication Time

Tags

Bulletin de sécurité TrendMicro 000290104 du 19 janvier 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TrendMicro Deep Security Agent versions 11.x ant\u00e9rieures \u00e0 11.0 Update 28",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "TrendMicro Deep Security Agent versions 20.x ant\u00e9rieures \u00e0 20.0.0-3445",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "TrendMicro Deep Security Agent versions 12.x ant\u00e9rieures \u00e0 12.0 Update 22",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "TrendMicro Deep Security Agent versions 10.x ant\u00e9rieures \u00e0 10.0 Update 32",
      "product": {
        "name": "Deep Security Agent",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-23120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23120"
    },
    {
      "name": "CVE-2022-23119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23119"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-061",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-01-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans TrendMicro Deep\nSecurity Agent. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans TrendMicro Deep Security Agent",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TrendMicro 000290104 du 19 janvier 2022",
      "url": "https://success.trendmicro.com/solution/000290104"
    }
  ]
}

GHSA-RHW6-MFVP-RWR4

Vulnerability from github – Published: 2022-01-21 00:00 – Updated: 2022-01-28 00:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-23119"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-20T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.",
  "id": "GHSA-rhw6-mfvp-rwr4",
  "modified": "2022-01-28T00:03:57Z",
  "published": "2022-01-21T00:00:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23119"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/000290104"
    },
    {
      "type": "WEB",
      "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

JVNDB-2022-001097

Vulnerability from jvndb - Published: 2022-01-25 13:35 - Updated:2022-01-25 13:35

Severity ?

7.0 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux

Details

Deep Security and Cloud One - Workload Security Agent for Linux provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Directory Traversal (CWE-22) - CVE-2022-23119 * Code Injection (CWE-94) - CVE-2022-23120 As of 2022 January 24, a Proof-of-Concept (PoC) code exploiting these vulnerabilities have already been made public. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU95024141/
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-23119
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-23120
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-23119
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-23120
	Path Traversal(CWE-22)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Code Injection(CWE-94)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Trend Micro, Inc.	Cloud One Workload Security
	Trend Micro, Inc.	Deep Security Agent

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001097.html",
  "dc:date": "2022-01-25T13:35+09:00",
  "dcterms:issued": "2022-01-25T13:35+09:00",
  "dcterms:modified": "2022-01-25T13:35+09:00",
  "description": "Deep Security and Cloud One - Workload Security Agent for Linux provided by Trend Micro Incorporated contain multiple vulnerabilities listed below.\r\n\r\n  * Directory Traversal (CWE-22) - CVE-2022-23119\r\n  * Code Injection (CWE-94) - CVE-2022-23120\r\n\r\nAs of 2022 January 24, a Proof-of-Concept (PoC) code exploiting these vulnerabilities have already been made public.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-001097.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:cloud_one_workload_security",
      "@product": "Cloud One Workload Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:deep_security_agent",
      "@product": "Deep Security Agent",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "4.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
      "@version": "2.0"
    },
    {
      "@score": "7.0",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2022-001097",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU95024141/",
      "@id": "JVNVU#95024141",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-23119",
      "@id": "CVE-2022-23119",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-23120",
      "@id": "CVE-2022-23120",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-23119",
      "@id": "CVE-2022-23119",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-23120",
      "@id": "CVE-2022-23120",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-22",
      "@title": "Path Traversal(CWE-22)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-94",
      "@title": "Code Injection(CWE-94)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux"
}

GSD-2022-23119

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-23119

Aliases

CVE-2022-23119

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-23119",
    "description": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.",
    "id": "GSD-2022-23119"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-23119"
      ],
      "details": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.",
      "id": "GSD-2022-23119",
      "modified": "2023-12-13T01:19:35.073649Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2022-23119",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Deep Security Agent for Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "20, 12, 11, 10"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Directory Traversal"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://success.trendmicro.com/solution/000290104",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/solution/000290104"
          },
          {
            "name": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt",
            "refsource": "MISC",
            "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "20.0.0-3445",
                    "versionStartIncluding": "20.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-23119"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000290104",
              "refsource": "MISC",
              "tags": [
                "Mitigation",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/solution/000290104"
            },
            {
              "name": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-01-27T16:09Z",
      "publishedDate": "2022-01-20T19:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-23119 (GCVE-0-2022-23119)

FKIE_CVE-2022-23119

CERTFR-2022-AVI-061

Solution

CERTFR-2022-AVI-061

Solution

GHSA-RHW6-MFVP-RWR4

JVNDB-2022-001097

GSD-2022-23119

Tags

Sightings

Nomenclature