CVE-2023-49322

CVE Database · CVE-2023-49322

CVE-2023-49322

· HIGHModified

CVSS v3.1

7.5

EPSS

0.70%

Published

Nov 26, 2023

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products (12)

f-secure · linux_protectionvulnerable

f-secure · linux_security_64vulnerable

linux · linux_kernel

f-secure · atlantvulnerable

f-secure · client_securityvulnerable

f-secure · elements_endpoint_protectionvulnerable

f-secure · email_and_server_securityvulnerable

f-secure · server_securityvulnerable

microsoft · windows

f-secure · client_securityvulnerable

f-secure · elements_endpoint_protection

References (2)

https://www.withsecure.com/en/support/security-advisories/cve-2023-49322

Vendor Advisory

https://www.withsecure.com/en/support/security-advisories/cve-2023-49322

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs