This page lists publicly disclosed CVE vulnerabilities affecting trendmicro serverprotect_for_storage (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-25331 | Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. | [email protected] | 7.5 | 3.05% | 2022-02-23 | 2026-06-17 |
| CVE-2022-25330 | Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution. | [email protected] | 9.8 | 4.91% | 2022-02-23 | 2026-06-17 |
| CVE-2022-25329 | Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions. | [email protected] | 9.8 | 2.63% | 2022-02-23 | 2026-06-17 |
| CVE-2021-25252 | Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. | [email protected] | 5.5 | 0.56% | 2021-03-03 | 2026-06-16 |