CVE-2023-49321

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
VendorProductVersion
f-securelinux_protection
12.0
f-securelinux_security_64
12.0
f-secureatlant
1.0.35-1
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
f-secureemail_and_server_security
15.00
f-secureserver_security
15.00
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
𝑥
= Vulnerable software versions
References
https://www.withsecure.com/en/support/security-advisories/cve-2023-49321
https://www.withsecure.com/en/support/security-advisories/cve-2023-49321