CVE-2024-53647 MEDIUM

CVE-2024-53647

Vendor Trend Micro, Inc.
Product Trend Micro ID Security
Weakness CWE-400
Published December 31, 2024
Last update December 31, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service.

Key dates

02Disclosure timeline

December 31, 2024 CVE published
December 31, 2024 Record updated