CVE-2022-23119 : A directory traversal vulnerability in Trend Micro Deep Security and Cloud One -

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.

Published 2022-01-20 19:15:08

Updated 2022-01-27 16:09:44

Source Trend Micro, Inc.

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2022-23119

Trendmicro » Deep Security Agent » Long Term Support Edition
Versions from including (>=) 20.0 and before (<) 20.0.0-3445
cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update1 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update10 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update11 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update12 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update13 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update14 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update15 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update16 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update17 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update18 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update19 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update2 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update20 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update21 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update22 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update23 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update24 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update25 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update26 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update27 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update28 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update29 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update3 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update30 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update31 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update4 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update5 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update6 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update7 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update8 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 10.0 Update Update9 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update1 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update10 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update11 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update12 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update13 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update14 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update15 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update16 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update17 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update18 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update19 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update2 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update20 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update21 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update22 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update23 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update24 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update25 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update26 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update27 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update3 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update4 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update5 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update6 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update7 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update8 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 11.0 Update Update9 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update1 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update10 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update11 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update12 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update13 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update14 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update15 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update16 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update17 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update18 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update19 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update2 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update20 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update21 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update3 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update4 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update5 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update6 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update7 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update8 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
Trendmicro » Deep Security Agent » Version: 12.0 Update Update9 Long Term Support Edition
cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-23119

EPSS FAQ

3.81%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 87 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-23119

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2022-23119

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-23119

https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt

Exploit;Third Party Advisory

CVEs referencing this url
https://success.trendmicro.com/solution/000290104

Mitigation;Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-23119

Products affected by CVE-2022-23119

Exploit prediction scoring system (EPSS) score for CVE-2022-23119

CVSS scores for CVE-2022-23119

CWE ids for CVE-2022-23119

References for CVE-2022-23119