FKIE_CVE-2022-23119

Vulnerability from fkie_nvd - Published: 2022-01-20 19:15 - Updated: 2024-11-21 06:48
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.
References
security@trendmicro.comhttps://success.trendmicro.com/solution/000290104Mitigation, Patch, Vendor Advisory
security@trendmicro.comhttps://www.modzero.com/advisories/MZ-21-02-Trendmicro.txtExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://success.trendmicro.com/solution/000290104Mitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txtExploit, Third Party Advisory
Impacted products
Vendor Product Version
trendmicro deep_security_agent *
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 10.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 11.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
trendmicro deep_security_agent 12.0
linux linux_kernel -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B0C257E3-8965-419B-A1CF-A36A0694E772",
              "versionEndExcluding": "20.0.0-3445",
              "versionStartIncluding": "20.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "321EB924-8AD5-4BA2-808A-25F802B675B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "09B1BB7D-D806-43B6-B9C4-D7996545C92D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "FC319EA4-53C8-4DE2-AA77-AF51EF8EE2C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E75B8D37-71C4-46D8-BDEA-4092D3EA422A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "43976B40-11D5-43AB-9204-6D749204121B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F3D52AB1-7932-4257-A779-76A10FBEE4A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BD9BD10B-BE86-47AC-AB0C-A107A066B234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "36FED81B-AE50-42EB-9F86-37EF97C9453F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B7410926-0A0F-4D7D-93AE-11812B0BFAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E28EE556-D322-4B03-9C8B-F6DE9A73E3F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A009F12A-125E-4B4C-ABAD-AFDF52AC9E33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3A165D79-C3B8-453B-B845-FE7C75FCD887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "42B6F868-C72D-49D1-B70F-25F6BDCD9A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7130DB44-4550-4D28-8114-2C89C7490C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "283217E3-921F-407C-B08A-5D71C4A39AC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "353D2026-D8DA-4C4B-A933-6BF33C85751E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BF1DCC0C-E834-436F-8FB1-BD3E857FDCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EC19A050-324B-427A-BE1C-B9030A07DB7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E06D04C4-B1F2-4CC0-BD7D-1125001A2211",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "14E90A61-DEC5-4EF0-BFD2-6740F20A8E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0FACE806-A137-4F32-A975-A0DCC7613252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "BDB1F56A-D134-49D8-88D0-F9E80E2051FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EEC17CCA-83FF-45D3-9CDB-27C5E1FA1D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "03AC8F33-76DE-4159-8FB8-2552D420083A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "661512DC-94BF-4033-BCCF-CEB0B4CF30CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7DBDF5F7-124B-4776-9803-6A03FEDB2075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F0D3A45A-1D11-45E0-92D3-E7398CB049E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C22891AE-781F-4212-B1D3-9E4F5FB0C14E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A71E3B80-F9A9-45F6-95F5-B6B352FAC27D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "16AAC654-6F7E-4557-B03C-1EAD8C6ABB1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6E3B910C-0D6E-4E4A-BB0D-40A540AC3F06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "12A1E116-286E-4A47-A44E-360EEA8880AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E943BEB7-FE23-46EA-ADF0-7F98A4B3CA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F88232D0-FEEF-485D-B1C9-221C4E967194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7C108DC0-117F-46ED-9A72-D876D8203A80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F67BDB9D-A5B8-4510-8C1D-963BBFF2DCA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1DBFF14B-08E0-4A49-8A74-919F3A5A3D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B909B6D7-52B8-4165-9864-3A05F25EC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3B642F2C-D882-418E-8A24-6BD8C40DF42E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A78B7332-7A88-4BC3-9816-60438392C96D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B53E159E-9723-4AA2-AA30-B20FB8BE1823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "8BBC6429-3B3A-4CB2-9829-F0B3DEE23CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D55E7CCF-A94E-469A-95EC-37D378AAFB62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "CB6149B2-EDDA-4AB0-B089-5F165776194E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E14C97A1-E3A1-44E4-9400-D2338809857A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "E9CA17B2-29B0-440E-9941-A286F11D3FBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C2DF06E1-A427-4F8C-B317-9BD4DF53BB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B5660651-78FC-4EB3-9C63-02AE21098F20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "84CB2D0C-D84D-420C-9BB7-1744F9D106D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "5E889298-AF8C-41FB-9130-5E977D4A9F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "519FABA6-389D-4F7A-994A-0B6840FC01D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2BABC000-62AE-48EA-952E-E2735702C5FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "60502D21-2275-4A71-A1C3-E9F7730DC26F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F0A6CCFE-B2ED-495C-BAA7-6EBD86DB4DEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "625C44C4-6753-43F4-BD40-BC7B0BD4D063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A0A04ED2-5ED5-46E3-BE03-79AD3B31F08F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "8677CC3F-D1C5-493F-9078-3C47DE38C3C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F7D02C0C-CCA6-45DB-A3CC-8CB3454FE4DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "08C0A5A4-5F01-4DDE-84A2-816DEAA2CF3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "3807FB6F-B75B-425D-BF5F-0B6C2501908E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "7D8B777A-D631-476A-B161-D704F25A9BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "F2239884-756F-4032-BC83-38969192C062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "C85FB7B4-15AB-4D71-B8E4-FD72BCA47943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "EEBC3261-6785-494A-AF69-9B9E92C1C449",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "4BDE013F-B4E8-433C-BD95-E6578E8B6E2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1BD1467E-E658-4F27-8123-6C27C99E95A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A9611071-E484-4F32-8F18-FD299A60E335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D65290CE-9638-45C4-96F9-C0B676FAA834",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "D257AA23-A28F-4110-819F-7D0F246DD2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "A9F8542C-ED04-483C-AB27-D4FE55558951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2616E2DF-8FB3-4B8C-B329-334D794242E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "9C9471AE-E7C2-4789-907D-EC5F1195431E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "4CB292C1-9467-4987-B670-927287503F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "0418BDF2-673B-40CF-BC64-7C4C24AA72FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "14370D4B-5141-4581-8F92-7F9BDB885282",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "2D2D0C04-948C-4B24-A6EC-FB54A57077F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "6F454D5A-1C03-42F6-8639-FC550F5D8B48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "1A824F50-CB92-4FE2-B097-C4DD9E8D65FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "DB62D225-22C1-4452-856A-EFE31CC6FA0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "FD084BE9-D333-4495-874D-4E7DF892494D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "B1CB2EC1-3CEF-4033-A6BB-328D53752BEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*",
              "matchCriteriaId": "ED56C9F2-19A4-4E1E-BF02-8E192415E09F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de salto de directorio en Trend Micro Deep Security y Cloud One - Workload Security Agent para Linux versi\u00f3n 20 y anteriores, podr\u00eda permitir a un atacante leer archivos arbitrarios del sistema de archivos. Nota: un atacante debe obtener primero un acceso comprometido al Deep Security Manager (DSM) de destino o el agente de destino no debe estar a\u00fan activado o configurado para poder explotar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2022-23119",
  "lastModified": "2024-11-21T06:48:02.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-20T19:15:07.907",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/solution/000290104"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/solution/000290104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.