CVE-2023-49321

CVE Database · CVE-2023-49321

CVE-2023-49321

· MEDIUMModified

CVSS v3.1

5.3

EPSS

0.61%

Published

Nov 26, 2023

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products (12)

f-secure · linux_protectionvulnerable

f-secure · linux_security_64vulnerable

linux · linux_kernel

f-secure · atlantvulnerable

f-secure · client_securityvulnerable

f-secure · elements_endpoint_protectionvulnerable

f-secure · email_and_server_securityvulnerable

f-secure · server_securityvulnerable

microsoft · windows

f-secure · client_securityvulnerable

f-secure · elements_endpoint_protection

References (2)

https://www.withsecure.com/en/support/security-advisories/cve-2023-49321

Vendor Advisory

https://www.withsecure.com/en/support/security-advisories/cve-2023-49321

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs