CVE-2023-49321

EUVD-2023-53305
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
f-securelinux_protection
12.0
f-securelinux_security_64
12.0
f-secureatlant
1.0.35-1
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
f-secureemail_and_server_security
15.00
f-secureserver_security
15.00
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
𝑥
= Vulnerable software versions
References
https://www.withsecure.com/en/support/security-advisories/cve-2023-49321
https://www.withsecure.com/en/support/security-advisories/cve-2023-49321