Improper Access Control Vulnerability in Trend Micro Apex One, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 Allows Unauthorized Access to Hotfix History

Improper Access Control Vulnerability in Trend Micro Apex One, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 Allows Unauthorized Access to Hotfix History

CVE-2021-25228 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history.

Learn more about our Cis Benchmark Audit For Microsoft Office.