Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 29 Sep 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple iphone Os
Google
Google android
Trendmicro id Security
CPEs cpe:2.3:a:trendmicro:id_security:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple iphone Os
Google
Google android
Trendmicro id Security

Tue, 31 Dec 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 31 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Description Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service.
First Time appeared Trendmicro
Trendmicro idsecurity
Weaknesses CWE-307
CWE-400
CWE-770
CPEs cpe:2.3:a:trendmicro:idsecurity:3.0.1778:*:*:*:*:*:*:*
Vendors & Products Trendmicro
Trendmicro idsecurity
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: trendmicro

Published:

Updated: 2024-12-31T19:15:07.198Z

Reserved: 2024-11-21T03:44:33.463Z

Link: CVE-2024-53647

cve-icon Vulnrichment

Updated: 2024-12-31T19:15:02.592Z

cve-icon NVD

Status : Analyzed

Published: 2024-12-31T16:15:26.437

Modified: 2025-09-29T17:49:22.510

Link: CVE-2024-53647

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.