A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.
References
Link | Resource |
---|---|
https://success.trendmicro.com/solution/000290104 | Mitigation Patch Vendor Advisory |
https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt | Exploit Third Party Advisory |
https://success.trendmicro.com/solution/000290104 | Mitigation Patch Vendor Advisory |
https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 06:48
Type | Values Removed | Values Added |
---|---|---|
References | () https://success.trendmicro.com/solution/000290104 - Mitigation, Patch, Vendor Advisory | |
References | () https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt - Exploit, Third Party Advisory |
27 Jan 2022, 16:09
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://success.trendmicro.com/solution/000290104 - Mitigation, Patch, Vendor Advisory | |
References | (MISC) https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt - Exploit, Third Party Advisory | |
CWE | CWE-22 | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.5 |
CPE | cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:* cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:* |
20 Jan 2022, 19:46
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-20 19:15
Updated : 2024-11-21 06:48
NVD link : CVE-2022-23119
Mitre link : CVE-2022-23119
CVE.ORG link : CVE-2022-23119
JSON object : View
Products Affected
trendmicro
- deep_security_agent
linux
- linux_kernel
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')