CVE-2022-23119

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
trendmicroCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
trendmicrodeep_security_agent
20.0 ≤
𝑥
< 20.0.0-3445
trendmicrodeep_security_agent
10.0
trendmicrodeep_security_agent
10.0:update1
trendmicrodeep_security_agent
10.0:update10
trendmicrodeep_security_agent
10.0:update11
trendmicrodeep_security_agent
10.0:update12
trendmicrodeep_security_agent
10.0:update13
trendmicrodeep_security_agent
10.0:update14
trendmicrodeep_security_agent
10.0:update15
trendmicrodeep_security_agent
10.0:update16
trendmicrodeep_security_agent
10.0:update17
trendmicrodeep_security_agent
10.0:update18
trendmicrodeep_security_agent
10.0:update19
trendmicrodeep_security_agent
10.0:update2
trendmicrodeep_security_agent
10.0:update20
trendmicrodeep_security_agent
10.0:update21
trendmicrodeep_security_agent
10.0:update22
trendmicrodeep_security_agent
10.0:update23
trendmicrodeep_security_agent
10.0:update24
trendmicrodeep_security_agent
10.0:update25
trendmicrodeep_security_agent
10.0:update26
trendmicrodeep_security_agent
10.0:update27
trendmicrodeep_security_agent
10.0:update28
trendmicrodeep_security_agent
10.0:update29
trendmicrodeep_security_agent
10.0:update3
trendmicrodeep_security_agent
10.0:update30
trendmicrodeep_security_agent
10.0:update31
trendmicrodeep_security_agent
10.0:update4
trendmicrodeep_security_agent
10.0:update5
trendmicrodeep_security_agent
10.0:update6
trendmicrodeep_security_agent
10.0:update7
trendmicrodeep_security_agent
10.0:update8
trendmicrodeep_security_agent
10.0:update9
trendmicrodeep_security_agent
11.0
trendmicrodeep_security_agent
11.0:update1
trendmicrodeep_security_agent
11.0:update10
trendmicrodeep_security_agent
11.0:update11
trendmicrodeep_security_agent
11.0:update12
trendmicrodeep_security_agent
11.0:update13
trendmicrodeep_security_agent
11.0:update14
trendmicrodeep_security_agent
11.0:update15
trendmicrodeep_security_agent
11.0:update16
trendmicrodeep_security_agent
11.0:update17
trendmicrodeep_security_agent
11.0:update18
trendmicrodeep_security_agent
11.0:update19
trendmicrodeep_security_agent
11.0:update2
trendmicrodeep_security_agent
11.0:update20
trendmicrodeep_security_agent
11.0:update21
trendmicrodeep_security_agent
11.0:update22
trendmicrodeep_security_agent
11.0:update23
trendmicrodeep_security_agent
11.0:update24
trendmicrodeep_security_agent
11.0:update25
trendmicrodeep_security_agent
11.0:update26
trendmicrodeep_security_agent
11.0:update27
trendmicrodeep_security_agent
11.0:update3
trendmicrodeep_security_agent
11.0:update4
trendmicrodeep_security_agent
11.0:update5
trendmicrodeep_security_agent
11.0:update6
trendmicrodeep_security_agent
11.0:update7
trendmicrodeep_security_agent
11.0:update8
trendmicrodeep_security_agent
11.0:update9
trendmicrodeep_security_agent
12.0
trendmicrodeep_security_agent
12.0:update1
trendmicrodeep_security_agent
12.0:update10
trendmicrodeep_security_agent
12.0:update11
trendmicrodeep_security_agent
12.0:update12
trendmicrodeep_security_agent
12.0:update13
trendmicrodeep_security_agent
12.0:update14
trendmicrodeep_security_agent
12.0:update15
trendmicrodeep_security_agent
12.0:update16
trendmicrodeep_security_agent
12.0:update17
trendmicrodeep_security_agent
12.0:update18
trendmicrodeep_security_agent
12.0:update19
trendmicrodeep_security_agent
12.0:update2
trendmicrodeep_security_agent
12.0:update20
trendmicrodeep_security_agent
12.0:update21
trendmicrodeep_security_agent
12.0:update3
trendmicrodeep_security_agent
12.0:update4
trendmicrodeep_security_agent
12.0:update5
trendmicrodeep_security_agent
12.0:update6
trendmicrodeep_security_agent
12.0:update7
trendmicrodeep_security_agent
12.0:update8
trendmicrodeep_security_agent
12.0:update9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://success.trendmicro.com/solution/000290104
https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt
https://success.trendmicro.com/solution/000290104
https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt