Lucene search

[email protected]NVD:CVE-2023-43767

HistorySep 22, 2023 - 5:15 a.m.

CVE-2023-43767

2023-09-2205:15:09

CWE-400

[email protected]

web.nvd.nist.gov

withsecure

denial of service

aepack handler

client security

server security

email security

endpoint protection

linux security

atlant

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

34.3%

JSON

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Affected configurations

Nvd

Node

f-securelinux_protectionMatch12.0

f-securelinux_security_64Match12.0

AND

linuxlinux_kernelMatch-

Node

f-secureatlantMatch1.0.35-1

Node

f-secureclient_securityMatch15.00

f-secureelements_endpoint_protectionRange17.0≥

f-secureemail_and_server_securityMatch15.00

f-secureserver_securityMatch15.00

AND

microsoftwindowsMatch-

Node

f-secureclient_securityMatch15.00

f-secureelements_endpoint_protectionRange17.0≥

AND

applemacosMatch-

VendorProductVersionCPE
f-securelinux_protection12.0cpe:2.3:a:f-secure:linux_protection:12.0:*:*:*:*:*:*:*
f-securelinux_security_6412.0cpe:2.3:a:f-secure:linux_security_64:12.0:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
f-secureatlant1.0.35-1cpe:2.3:a:f-secure:atlant:1.0.35-1:*:*:*:*:*:*:*
f-secureclient_security15.00cpe:2.3:a:f-secure:client_security:15.00:*:*:*:*:*:*:*
f-secureelements_endpoint_protection*cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:*
f-secureemail_and_server_security15.00cpe:2.3:a:f-secure:email_and_server_security:15.00:*:*:*:*:*:*:*
f-secureserver_security15.00cpe:2.3:a:f-secure:server_security:15.00:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
f-secure	linux_protection	12.0	cpe:2.3:a:f-secure:linux_protection:12.0:::::::*
f-secure	linux_security_64	12.0	cpe:2.3:a:f-secure:linux_security_64:12.0:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
f-secure	atlant	1.0.35-1	cpe:2.3:a:f-secure:atlant:1.0.35-1:::::::*
f-secure	client_security	15.00	cpe:2.3:a:f-secure:client_security:15.00:::::::*
f-secure	elements_endpoint_protection	*	cpe:2.3:a:f-secure:elements_endpoint_protection::::::::
f-secure	email_and_server_security	15.00	cpe:2.3:a:f-secure:email_and_server_security:15.00:::::::*
f-secure	server_security	15.00	cpe:2.3:a:f-secure:server_security:15.00:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
apple	macos	-	cpe:2.3:o:apple:macos:-:::::::*