7.5
CVE-2023-42520
- EPSS 0.22%
- Veröffentlicht 18.09.2023 06:15:08
- Zuletzt bearbeitet 21.11.2024 08:22:42
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Withsecure ≫ Client Security Version15
Withsecure ≫ Elements Endpoint Protection Version >= 17
Withsecure ≫ Email And Server Security Version15
Withsecure ≫ Server Security Version15
Withsecure ≫ Client Security Version15
Withsecure ≫ Elements Endpoint Protection Version >= 17
Withsecure ≫ Linux Protection Version12.0
Withsecure ≫ Linux Security 64 Version12.0
Withsecure ≫ Atlant Version1.0.35-1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.445 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.