CVE-2023-43765

Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
f-securelinux_protection
12.0
f-securelinux_security_64
12.0
f-secureatlant
1.0.35-1
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
f-secureemail_and_server_security
15.00
f-secureserver_security
15.00
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
𝑥
= Vulnerable software versions
References
https://www.withsecure.com/en/support/security-advisories
https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn2
https://www.withsecure.com/en/support/security-advisories
https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn2