Primary

Context

Trend Micro Apex Central SaaS Server-Side Request Forgery Information Disclosure Vulnerability

Vulnerability

Patched

A Server-side Request Forgery (SSRF) vulnerability has been identified in Trend Micro Apex Central (SaaS) installations prior to the March 2025 Maintenance Release. This vulnerability allows attackers to manipulate certain parameters, potentially leading to unauthorized information disclosure.

Impact

Exploitation of this vulnerability could result in the unauthorized disclosure of sensitive information from the affected Apex Central SaaS installation.

Remediation

Trend Micro has released a March 2025 Monthly Maintenance Release for the Apex Central SaaS version, which addresses this vulnerability. Customers should apply this update.

Added: Jun 17, 2025, 8:22 PM

Updated: Jun 17, 2025, 8:56 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Trend Micro Apex Central SaaS Server-Side Request Forgery Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Trend Micro Apex Central

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating