CyberSec.Space Logo
Back to CVE Browser

CVE-2019-18189

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1210%
EPSS Percentile5.32th
PublishedOct 28, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.

Affected Platforms (CPE)

πŸ“¦
Trendmicro

Apex One

All versions
πŸ“¦
Trendmicro

Officescan

= 11.0
πŸ“¦
Trendmicro

Officescan

= xg
πŸ“¦
Trendmicro

Officescan

= xg
πŸ“¦
Trendmicro

Worry Free Business Security

= 9.5
πŸ“¦
Trendmicro

Worry Free Business Security

= 10.0
πŸ“¦
Trendmicro

Worry Free Business Security

= 10.0

References & Advisories

πŸ”— https://success.trendmicro.com/solution/000151732
πŸ”— https://success.trendmicro.com/solution/000151732

Related Vulnerabilities

CVE-2020-85999.8

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arb...

CVE-2020-85989.8

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service ...

CVE-2026-349269.2

Trend Micro Apex One is vulnerable to Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability. Apply mitigations per v...

CVE-2020-84678.8

A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote atta...