7.5
CVE-2023-43767
- EPSS 0.21%
- Published 22.09.2023 05:15:09
- Last modified 21.11.2024 08:24:44
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
Data is provided by the National Vulnerability Database (NVD)
F-secure ≫ Linux Protection Version12.0
F-secure ≫ Linux Security 64 Version12.0
F-secure ≫ Client Security Version15.00
F-secure ≫ Elements Endpoint Protection Version >= 17.0
F-secure ≫ Email And Server Security Version15.00
F-secure ≫ Server Security Version15.00
F-secure ≫ Client Security Version15.00
F-secure ≫ Elements Endpoint Protection Version >= 17.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.437 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.