{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T00:37:28.977","vulnerabilities":[{"cve":{"id":"CVE-2021-42101","sourceIdentifier":"security@trendmicro.com","published":"2021-10-21T08:15:07.343","lastModified":"2024-11-21T06:27:15.670","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103."},{"lang":"es","value":"Unas vulnerabilidades de un elemento de ruta de búsqueda no controlada en Trend Micro Apex One y Apex One as a Service podrían permitir a un atacante local escalar privilegios en las instalaciones afectadas. Un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. Esta vulnerabilidad es similar pero no idéntica a CVE-2021-42103"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*","matchCriteriaId":"AF019D2D-C426-4D2D-A254-442CE777B41E"},{"vulnerable":true,"criteria":"cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:*","matchCriteriaId":"8FA15535-6AC8-4062-BE7B-CD545B7516E2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://success.trendmicro.com/solution/000289229","source":"security@trendmicro.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-1219/","source":"security@trendmicro.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://success.trendmicro.com/solution/000289229","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-1219/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}