CVE-2022-23119

Exploit

EPSS 1.22%
Veröffentlicht 20.01.2022 19:15:07
Zuletzt bearbeitet 21.11.2024 06:48:02
Quelle security@trendmicro.com
CVE-Watchlists
Login
Unerledigt
Login

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Trendmicro ≫ Deep Security Agent SwEditionlong_term_support Version >= 20.0 < 20.0.0-3445

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Update- SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate1 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate10 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate11 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate12 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate13 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate14 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate15 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate16 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate17 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate18 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate19 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate2 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate20 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate21 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate22 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate23 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate24 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate25 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate26 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate27 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate28 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate29 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate3 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate30 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate31 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate4 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate5 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate6 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate7 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate8 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version10.0 Updateupdate9 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Update- SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate1 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate10 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate11 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate12 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate13 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate14 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate15 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate16 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate17 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate18 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate19 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate2 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate20 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate21 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate22 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate23 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate24 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate25 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate26 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate27 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate3 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate4 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate5 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate6 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate7 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate8 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version11.0 Updateupdate9 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Update- SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate1 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate10 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate11 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate12 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate13 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate14 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate15 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate16 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate17 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate18 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate19 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate2 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate20 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate21 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate3 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate4 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate5 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate6 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate7 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate8 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Trendmicro ≫ Deep Security Agent Version12.0 Updateupdate9 SwEditionlong_term_support

Linux ≫ Linux Kernel Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.22%	0.784

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://success.trendmicro.com/solution/000290104

Patch

Vendor Advisory

Mitigation

https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-23119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23119

EUVD