Published:2022/03/02  Last Updated:2022/03/02

JVNVU#92972528
Multiple vulnerabilities in Trend Micro ServerProtect

Overview

Trend Micro Incorporated has released security updates for ServerProtect.

Products Affected

  • ServerProtect for Storage (SPFS) 6.0
  • ServerProtect for Microsoft Windows / Novell NetWare (SPNT) 5.8
  • ServerProtect for EMC Celerra (SPEMC) 5.8
  • ServerProtect for Network Appliance Filers (SPNAF) 5.8

Description

Trend Micro Incorporated has released security updates for ServerProtect.

Impact

  • Remote control execution due to insufficiently protected static credentials
  • Denial-of-service (DoS) and/or remote code execution due to integer overflow
  • Denial-of-service (DoS) due to improper exception handling
For more information, refer to the information provided by the developer.

Solution

Apply the patch
Apply the appropriate patch according to the information provided by the developer.

Vendor Status

Vendor Link
Trend Micro Incorporated CRITICAL SECURITY BULLETIN: Multiple Vulnerabilities in Trend Micro ServerProtect - February 2022

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia