CVE-2021-25232

Description

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database.

Affected products

Trend Micro / Trend Micro Apex One2019, SaaS – 2019, SaaS
Trend Micro / Trend Micro OfficeScanXG SP1 – XG SP1

References

MISChttps://success.trendmicro.com/solution/000284202
MISChttps://success.trendmicro.com/solution/000284205
VENDOR_ADVISORYhttps://www.zerodayinitiative.com/advisories/ZDI-21-107/