CVE-2019-9489

EUVD-2019-18863
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
trendmicroapex_one_as_a_service
𝑥
< 2019-03-27
trendmicrobusiness_security
9.0:sp3
trendmicroofficescan
11.0:sp1
trendmicroworry-free_business_security
9.5
trendmicroworry-free_business_security
10.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://success.trendmicro.com/jp/solution/1122253
https://success.trendmicro.com/solution/1122250
https://success.trendmicro.com/jp/solution/1122253
https://success.trendmicro.com/solution/1122250