CVE-2020-28583

Medium

5.3/10

Summary

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

References

Advisory Timeline

Published Dec 01, 2020

CVE-2020-28583

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS