cvelistv5 - cve-2023-0587

CVE-2023-0587 (GCVE-0-2023-0587)

Vulnerability from cvelistv5

Published

2023-02-01 00:00

Modified

2025-03-27 14:38

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE

File Upload Vulnerability

Summary

A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \PCCSRV\TEMP\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed.

References

URL

Tags

https://www.tenable.com/security/research/tra-2023-5

Impacted products

	Vendor	Product	Version
	n/a	Trend Micro Apex One	Version: Build 11110

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:17:50.146Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2023-5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-0587",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-27T14:38:23.971435Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-434",
                "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-27T14:38:28.356Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.tenable.com/security/research/tra-2023-5"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex One",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Build 11110"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \\PCCSRV\\TEMP\\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "File Upload Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-03T22:11:40.626Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://www.tenable.com/security/research/tra-2023-5"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2023-0587",
    "datePublished": "2023-02-01T00:00:00.000Z",
    "dateReserved": "2023-01-30T00:00:00.000Z",
    "dateUpdated": "2025-03-27T14:38:28.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2023-AVI-0106

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans TrendMicro. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une élévation de privilèges et une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Trend Micro	Apex One	Apex One 2019 sans le correctif de sécurité SP1 b11564
ESET	Security	Worry-Free Business Security 10.0 SP1 sans le correctif de sécurité Patch 2454
N/A	N/A	Apex One as a Service sans le correctif de sécurité Build 202301 Security Agent version: 14.0.11960
ESET	Security	Worry-Free Business Security Services sans le correctif de sécurité (6.7.3064 / 14.2.3044)

References

Title

Publication Time

Tags

Bulletin de sécurité TrendMicro 000292209 du 08 février 2023	None	vendor-advisory
Bulletin de sécurité TrendMicro 000292202 du 08 février 2023	None	vendor-advisory
Bulletin de sécurité TrendMicro 000292209 du 09 février 2023	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apex One 2019 sans le correctif de s\u00e9curit\u00e9 SP1 b11564",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Worry-Free Business Security 10.0 SP1 sans le correctif de s\u00e9curit\u00e9 Patch 2454",
      "product": {
        "name": "Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One as a Service sans le correctif de s\u00e9curit\u00e9 Build 202301 Security Agent version: 14.0.11960",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Worry-Free Business Security Services sans le correctif de s\u00e9curit\u00e9 (6.7.3064 / 14.2.3044)",
      "product": {
        "name": "Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-25143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25143"
    },
    {
      "name": "CVE-2022-44649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-44649"
    },
    {
      "name": "CVE-2023-25146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25146"
    },
    {
      "name": "CVE-2023-25144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25144"
    },
    {
      "name": "CVE-2023-0587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0587"
    },
    {
      "name": "CVE-2022-44650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-44650"
    },
    {
      "name": "CVE-2022-45798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45798"
    },
    {
      "name": "CVE-2023-25148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25148"
    },
    {
      "name": "CVE-2023-25145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25145"
    },
    {
      "name": "CVE-2023-25147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25147"
    }
  ],
  "initial_release_date": "2023-02-09T00:00:00",
  "last_revision_date": "2023-02-09T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 TrendMicro 000292209 du 09 f\u00e9vrier 2023",
      "url": "https://success.trendmicro.com/dcx/s/solution/000292209?language=en_US"
    }
  ],
  "reference": "CERTFR-2023-AVI-0106",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-02-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eTrendMicro\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un contournement de la politique de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de\nprivil\u00e8ges et une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits TrendMicro",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TrendMicro 000292209 du 08 f\u00e9vrier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 TrendMicro 000292202 du 08 f\u00e9vrier 2023",
      "url": "https://success.trendmicro.com/dcx/s/solution/000292202?language=en_US"
    }
  ]
}

CERTFR-2023-AVI-0082

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Trend Micro Apex One. Elle permet à un attaquant de provoquer un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Trend Micro	Apex One	Apex One versions 2019 Server Build 11110 sans le correctif de sécurité Service Pack SP1 b11564
	Trend Micro	Apex One	Apex One as a Service versions antérieures à January 2023 Maintenance Hotfix - Build 202301 Security Agent 14.0.11960

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro 000292183 du 01 février 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apex One versions 2019 Server Build 11110 sans le correctif de s\u00e9curit\u00e9 Service Pack SP1 b11564",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One as a Service versions ant\u00e9rieures \u00e0 January 2023 Maintenance Hotfix - Build 202301 Security Agent 14.0.11960",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-0587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0587"
    }
  ],
  "initial_release_date": "2023-02-02T00:00:00",
  "last_revision_date": "2023-02-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0082",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-02-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Trend Micro Apex One. Elle\npermet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Trend Micro Apex One",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro 000292183 du 01 f\u00e9vrier 2023",
      "url": "https://success.trendmicro.com/dcx/s/solution/000292183"
    }
  ]
}

cve-2023-0587

Vulnerability from jvndb

Published

2023-03-02 17:33

Modified

2024-06-07 16:59

Severity ?

9.8 (Critical) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

Details

Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

Type

URL

	JVN	http://jvn.jp/en/vu/JVNVU96221942/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-0587
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25143
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25144
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25145
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25146
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25147
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25148
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-0587
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25143
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25144
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25145
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25146
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25147
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25148
	Unrestricted Upload of File with Dangerous Type(CWE-434)	https://cwe.mitre.org/data/definitions/434.html
	Uncontrolled Search Path Element(CWE-427)	https://cwe.mitre.org/data/definitions/427.html
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Link Following(CWE-59)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Trend Micro, Inc.	Apex One
	Trend Micro, Inc.	Apex One as a Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001292.html",
  "dc:date": "2024-06-07T16:59+09:00",
  "dcterms:issued": "2023-03-02T17:33+09:00",
  "dcterms:modified": "2024-06-07T16:59+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-001292.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:apex_one_as_a_service",
      "@product": "Apex One as a Service",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "9.8",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-001292",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU96221942/index.html",
      "@id": "JVNVU#96221942",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-0587",
      "@id": "CVE-2023-0587",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25143",
      "@id": "CVE-2023-25143",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25144",
      "@id": "CVE-2023-25144",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25145",
      "@id": "CVE-2023-25145",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25146",
      "@id": "CVE-2023-25146",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25147",
      "@id": "CVE-2023-25147",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25148",
      "@id": "CVE-2023-25148",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-0587",
      "@id": "CVE-2023-0587",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25143",
      "@id": "CVE-2023-25143",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25144",
      "@id": "CVE-2023-25144",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25145",
      "@id": "CVE-2023-25145",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25146",
      "@id": "CVE-2023-25146",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25147",
      "@id": "CVE-2023-25147",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25148",
      "@id": "CVE-2023-25148",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/434.html",
      "@id": "CWE-434",
      "@title": "Unrestricted Upload of File with Dangerous Type(CWE-434)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/427.html",
      "@id": "CWE-427",
      "@title": "Uncontrolled Search Path Element(CWE-427)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-0587 (GCVE-0-2023-0587)

Vulnerability from cvelistv5

CERTFR-2023-AVI-0106

Vulnerability from certfr_avis

Solution

CERTFR-2023-AVI-0082

Vulnerability from certfr_avis

Solution

cve-2023-0587

Vulnerability from jvndb

Tags

Sightings

Nomenclature