CVE-2023-38626

Summary

CVE-2023-38626 is a post-authentication Server-Side Request Forgery (SSRF) vulnerability affecting Trend Micro Apex Central 2019 versions lower than build 6481. This issue allows an attacker, who has already gained the ability to execute low-privileged code on the target system, to interact with internal or local services directly. This vulnerability should not be confused with CVE-2023-38625, although it shares some similarities. An attacker can potentially exploit this SSRF flaw to gain unauthorized access and manipulate the targeted services.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.