Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
January 16, 2024Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
January 16, 2024Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
January 16, 2024Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
January 16, 2024Severity
Medium
Analysis Summary
CVE-2023-52328 CVSS:6.1
Trend Micro Apex Central is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-52331 CVSS:9.1
Trend Micro Apex Central is vulnerable to server-side request forgery, caused by a flaw in the modVulnerabilityProtect module. By sending a specially crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to obtain sensitive information.
CVE-2023-52325 CVSS:7.5
Trend Micro Apex Central could allow a remote authenticated attacker to include arbitrary files. An attacker could send a specially crafted URL request to the widget to specify a malicious file from the local system, which could allow the attacker to execute arbitrary code in the context of IUSR on the system.
CVE-2023-52326 CVSS:6.1
Trend Micro Apex Central is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-52327 CVSS:6.1
Trend Micro Apex Central is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-52330 CVSS:6.1
Trend Micro Apex Central is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
Impact
- Cross-Site Scripting
- Information Theft
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-52328
- CVE-2023-52331
- CVE-2023-52325
- CVE-2023-52326
- CVE-2023-52327
- CVE-2023-52330
Affected Vendors
Trend Micro
Affected Products
- Trend Micro Apex Central 2019
Remediation
Refer to Trend Micro Security Advisory for patch, upgrade or suggested workaround information.