Published:2021/09/30  Last Updated:2021/09/30

JVNVU#99520559
Trend Micro ServerProtect family vulnerable to authentication bypass

Overview

Trend Micro Incorporated has released security updates for ServerProtect family.

Products Affected

  • ServerProtect for Microsoft Windows / Novell Netware (SPNT) prior to 5.8 CP1575
  • ServerProtect for Network Appliance Filers (SPNAF) prior to 5.8 CP1299
  • ServerProtect for EMC Celerra (SPEMC) prior to 5.8 CP1577
  • ServerProtect for Storage (SPFS) prior to 6.0 CP1284

Description

Trend Micro Incorporated has released security updates for ServerProtect family.

Impact

A remote attacker may bypass authentication for the products.
For more information, refer to the information provided by the developer.

Solution

Apply the patch
Apply the appropriate patch according to the information provided by the developer.

Vendor Status

Vendor Link
Trend Micro Incorporated CRITICAL SECURITY BULLETIN: Trend Micro ServerProtect Authentication Bypass Vulnerability

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia