CVE-2025-30679 MEDIUM

CVE-2025-30679

Vendor Trend Micro, Inc.

Product Trend Micro Apex Central

Weakness CWE-918 · SSRF

Published June 17, 2025

Last update June 20, 2025

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.

Key dates

02Disclosure timeline

June 17, 2025 CVE published

June 20, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-30679 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/918.html

Related vulnerabilities

Identifiers

CVE CVE-2025-30679

CWE CWE-918

CVSS 6.5 / MEDIUM

Affected versions