CVE-2022-23119
Published Jan 20, 2022
Last updated 3 years ago
Overview
- Description
- A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.
- Source
- security@trendmicro.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:*:*:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0C257E3-8965-419B-A1CF-A36A0694E772",
"versionEndExcluding": "20.0.0-3445",
"versionStartIncluding": "20.0"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:-:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "321EB924-8AD5-4BA2-808A-25F802B675B5"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update1:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09B1BB7D-D806-43B6-B9C4-D7996545C92D"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update10:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC319EA4-53C8-4DE2-AA77-AF51EF8EE2C2"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update11:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E75B8D37-71C4-46D8-BDEA-4092D3EA422A"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update12:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43976B40-11D5-43AB-9204-6D749204121B"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update13:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3D52AB1-7932-4257-A779-76A10FBEE4A7"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update14:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD9BD10B-BE86-47AC-AB0C-A107A066B234"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update15:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36FED81B-AE50-42EB-9F86-37EF97C9453F"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update16:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7410926-0A0F-4D7D-93AE-11812B0BFAF5"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update17:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E28EE556-D322-4B03-9C8B-F6DE9A73E3F7"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update18:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A009F12A-125E-4B4C-ABAD-AFDF52AC9E33"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update19:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A165D79-C3B8-453B-B845-FE7C75FCD887"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update2:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42B6F868-C72D-49D1-B70F-25F6BDCD9A4A"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update20:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7130DB44-4550-4D28-8114-2C89C7490C9C"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update21:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "283217E3-921F-407C-B08A-5D71C4A39AC7"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update22:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "353D2026-D8DA-4C4B-A933-6BF33C85751E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update23:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF1DCC0C-E834-436F-8FB1-BD3E857FDCF3"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update24:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC19A050-324B-427A-BE1C-B9030A07DB7E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update25:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E06D04C4-B1F2-4CC0-BD7D-1125001A2211"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update26:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14E90A61-DEC5-4EF0-BFD2-6740F20A8E5F"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update27:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FACE806-A137-4F32-A975-A0DCC7613252"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update28:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDB1F56A-D134-49D8-88D0-F9E80E2051FC"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update29:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEC17CCA-83FF-45D3-9CDB-27C5E1FA1D28"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update3:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03AC8F33-76DE-4159-8FB8-2552D420083A"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update30:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "661512DC-94BF-4033-BCCF-CEB0B4CF30CC"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update31:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DBDF5F7-124B-4776-9803-6A03FEDB2075"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update4:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0D3A45A-1D11-45E0-92D3-E7398CB049E1"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update5:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C22891AE-781F-4212-B1D3-9E4F5FB0C14E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update6:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A71E3B80-F9A9-45F6-95F5-B6B352FAC27D"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update7:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16AAC654-6F7E-4557-B03C-1EAD8C6ABB1F"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update8:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E3B910C-0D6E-4E4A-BB0D-40A540AC3F06"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:10.0:update9:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12A1E116-286E-4A47-A44E-360EEA8880AD"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:-:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E943BEB7-FE23-46EA-ADF0-7F98A4B3CA47"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update1:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F88232D0-FEEF-485D-B1C9-221C4E967194"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update10:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C108DC0-117F-46ED-9A72-D876D8203A80"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update11:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F67BDB9D-A5B8-4510-8C1D-963BBFF2DCA2"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update12:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DBFF14B-08E0-4A49-8A74-919F3A5A3D4F"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update13:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B909B6D7-52B8-4165-9864-3A05F25EC25C"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update14:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B642F2C-D882-418E-8A24-6BD8C40DF42E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update15:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A78B7332-7A88-4BC3-9816-60438392C96D"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update16:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B53E159E-9723-4AA2-AA30-B20FB8BE1823"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update17:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BBC6429-3B3A-4CB2-9829-F0B3DEE23CC6"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update18:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D55E7CCF-A94E-469A-95EC-37D378AAFB62"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update19:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB6149B2-EDDA-4AB0-B089-5F165776194E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update2:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E14C97A1-E3A1-44E4-9400-D2338809857A"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update20:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9CA17B2-29B0-440E-9941-A286F11D3FBD"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update21:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2DF06E1-A427-4F8C-B317-9BD4DF53BB75"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update22:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5660651-78FC-4EB3-9C63-02AE21098F20"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update23:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84CB2D0C-D84D-420C-9BB7-1744F9D106D2"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update24:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E889298-AF8C-41FB-9130-5E977D4A9F5D"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update25:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "519FABA6-389D-4F7A-994A-0B6840FC01D8"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update26:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BABC000-62AE-48EA-952E-E2735702C5FF"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update27:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60502D21-2275-4A71-A1C3-E9F7730DC26F"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update3:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0A6CCFE-B2ED-495C-BAA7-6EBD86DB4DEB"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update4:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "625C44C4-6753-43F4-BD40-BC7B0BD4D063"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update5:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0A04ED2-5ED5-46E3-BE03-79AD3B31F08F"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update6:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8677CC3F-D1C5-493F-9078-3C47DE38C3C1"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update7:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7D02C0C-CCA6-45DB-A3CC-8CB3454FE4DA"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update8:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08C0A5A4-5F01-4DDE-84A2-816DEAA2CF3B"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:11.0:update9:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3807FB6F-B75B-425D-BF5F-0B6C2501908E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:-:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D8B777A-D631-476A-B161-D704F25A9BD5"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update1:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2239884-756F-4032-BC83-38969192C062"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update10:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C85FB7B4-15AB-4D71-B8E4-FD72BCA47943"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update11:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEBC3261-6785-494A-AF69-9B9E92C1C449"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update12:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BDE013F-B4E8-433C-BD95-E6578E8B6E2A"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update13:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BD1467E-E658-4F27-8123-6C27C99E95A1"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update14:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9611071-E484-4F32-8F18-FD299A60E335"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update15:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D65290CE-9638-45C4-96F9-C0B676FAA834"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update16:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D257AA23-A28F-4110-819F-7D0F246DD2DA"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update17:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9F8542C-ED04-483C-AB27-D4FE55558951"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update18:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2616E2DF-8FB3-4B8C-B329-334D794242E5"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update19:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C9471AE-E7C2-4789-907D-EC5F1195431E"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update2:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CB292C1-9467-4987-B670-927287503F46"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update20:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0418BDF2-673B-40CF-BC64-7C4C24AA72FE"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update21:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14370D4B-5141-4581-8F92-7F9BDB885282"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update3:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D2D0C04-948C-4B24-A6EC-FB54A57077F9"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update4:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F454D5A-1C03-42F6-8639-FC550F5D8B48"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update5:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A824F50-CB92-4FE2-B097-C4DD9E8D65FB"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update6:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB62D225-22C1-4452-856A-EFE31CC6FA0D"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update7:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD084BE9-D333-4495-874D-4E7DF892494D"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update8:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1CB2EC1-3CEF-4033-A6BB-328D53752BEC"
},
{
"criteria": "cpe:2.3:a:trendmicro:deep_security_agent:12.0:update9:*:*:long_term_support:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED56C9F2-19A4-4E1E-BF02-8E192415E09F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]