7.5

CVE-2024-27359

Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorwithsecure
Product client_security
Default Statusunknown
Version 15
Status affected
Vendorwithsecure
Product server_security
Default Statusunknown
Version 15
Status affected
Vendorf-secure
Product email_and_server_security
Default Statusunknown
Version 15.00
Status affected
Vendorwithsecure
Product elements_endpoint_protection
Default Statusunknown
Version <= *
Version 17
Status affected
Vendorwithsecure
Product linux_protection
Default Statusunknown
Version 12.0
Status affected
Vendorwithsecure
Product linux_security_64
Default Statusunknown
Version 12.0
Status affected
Vendorwithsecure
Product atlant
Default Statusunknown
Version 1.0.35-1
Status affected
Vendorwithsecure
Product elements_endpoint_protection
Default Statusunknown
Version <= *
Version 17.0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.07% 0.222
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.