cve-2022-25329
Vulnerability from cvelistv5
Published
2022-02-24 02:45
Modified
2024-08-03 04:36
Severity ?
Summary
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.
References
security@trendmicro.comhttps://success.trendmicro.com/solution/000290507Patch, Vendor Advisory
security@trendmicro.comhttps://www.tenable.com/security/research/tra-2022-05Third Party Advisory
Impacted products
Trend MicroTrend Micro ServerProtect for Storage
Trend MicroTrend Micro ServerProtect for Microsoft Windows / Novell NetWare
Trend MicroTrend Micro ServerProtect for EMC Celerra
Trend MicroTrend Micro ServerProtect for Network Appliance Filers
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:36:06.803Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000290507"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2022-05"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro ServerProtect for Storage",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            }
          ]
        },
        {
          "product": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            }
          ]
        },
        {
          "product": "Trend Micro ServerProtect for EMC Celerra",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            }
          ]
        },
        {
          "product": "Trend Micro ServerProtect for Network Appliance Filers",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Static Credential",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-24T02:45:21",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000290507"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2022-05"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-25329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro ServerProtect for Storage",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro ServerProtect for Microsoft Windows / Novell NetWare",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro ServerProtect for EMC Celerra",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro ServerProtect for Network Appliance Filers",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Static Credential"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000290507",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000290507"
            },
            {
              "name": "https://www.tenable.com/security/research/tra-2022-05",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2022-05"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-25329",
    "datePublished": "2022-02-24T02:45:21",
    "dateReserved": "2022-02-18T00:00:00",
    "dateUpdated": "2024-08-03T04:36:06.803Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-25329\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2022-02-24T03:15:43.970\",\"lastModified\":\"2022-03-03T03:48:33.937\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.\"},{\"lang\":\"es\",\"value\":\"Trend Micro ServerProtect Information Server versi\u00f3n 6.0/5.8, usa una credencial est\u00e1tica para llevar a cabo la autenticaci\u00f3n cuando es escrito un comando espec\u00edfico en la consola. Un atacante remoto no autenticado con acceso al Information Server podr\u00eda aprovechar esto para registrarse en el servidor y llevar a cabo acciones autenticadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:serverprotect:5.8:*:*:*:*:emc:*:*\",\"matchCriteriaId\":\"0BD9FEA3-46A4-4CEF-97B5-27BC2120B082\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:serverprotect:5.8:*:*:*:*:netware:*:*\",\"matchCriteriaId\":\"82D38D59-9208-4101-89D8-367E53DA29D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:serverprotect:5.8:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"7293D7E6-196E-4C9F-B107-77FB2E770A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:serverprotect_for_network_appliance_filer:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40C2C76C-A4F7-4E97-B775-4B49D5E72860\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:serverprotect_for_storage:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96C4E3E9-6FCE-435A-A3E8-99514B00589C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/solution/000290507\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.tenable.com/security/research/tra-2022-05\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.