CRITICAL🇵🇱 Wersja polska

CVE-2020-24561

CVSS 9.1v3.1pub. 2020-09-15upd. 2024-11-21

A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Trendmicro Serverprotect

    APP
    Trendmicro
    3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-25329CRITICAL9.8ten sam produkt

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a...

CVE-2022-25330CRITICAL9.8ten sam produkt

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a r...

CVE-2021-36745CRITICAL9.8ten sam produkt

A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect...

CVE-2017-9034CRITICAL9.8ten sam produkt

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and conseq...

CVE-2022-25331HIGH7.5ten sam produkt

Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could all...