admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-10-21 08:01:02 +00:00
parent a2b7e68889
commit 042cd1905d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
11 changed files with 826 additions and 770 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

148
2021/23xxx/CVE-2021-23139.json
View File

@ -1,73 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-23139",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations.\r\n"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Null Pointer"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-23139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null Pointer"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
}
]
}
}

128
2021/42xxx/CVE-2021-42011.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42011",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Permission Assignment Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1220/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1220/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1220/"
}
]
}
}

156
2021/42xxx/CVE-2021-42012.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42012",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Stack-based Buffer Overflow Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1221/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1221/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1221/"
}
]
}
}

128
2021/42xxx/CVE-2021-42101.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42101",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations.\r\n\r\nAn attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar but not identical to CVE-2021-42103."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Uncontrolled Search Path Element Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1219/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Search Path Element Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1219/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1219/"
}
]
}
}

128
2021/42xxx/CVE-2021-42102.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42102",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations.\r\n\r\nAn attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\n"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Uncontrolled Search Path Element Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1222/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Search Path Element Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1222/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1222/"
}
]
}
}

128
2021/42xxx/CVE-2021-42103.json
View File

@ -1,63 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42103",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations.\r\n\r\nAn attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar but not identical to CVE-2021-42101."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Uncontrolled Search Path Element Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1213/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Search Path Element Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1213/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1213/"
}
]
}
}

156
2021/42xxx/CVE-2021-42104.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42104",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1216/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1216/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1216/"
}
]
}
}

156
2021/42xxx/CVE-2021-42105.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42105",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1215/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1215/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1215/"
}
]
}
}

156
2021/42xxx/CVE-2021-42106.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42106",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1218/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1218/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1218/"
}
]
}
}

156
2021/42xxx/CVE-2021-42107.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42107",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1214/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1, Services (SaaS)"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1214/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1214/"
}
]
}
}

156
2021/42xxx/CVE-2021-42108.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-42108",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro Worry-Free Business Security",
"version" : {
"version_data" : [
{
"version_value" : "10.0 SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\n"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000289229"
},
{
"url" : "https://success.trendmicro.com/solution/000289230"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-1217/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-42108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro Worry-Free Business Security",
"version": {
"version_data": [
{
"version_value": "10.0 SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unnecessary Privileges Local Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000289229",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289229"
},
{
"url": "https://success.trendmicro.com/solution/000289230",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000289230"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1217/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1217/"
}
]
}
}