Lucene search
K
WithsecureF-secure Policy Manager

4 matches found

CVE
CVE
added 2022/10/25 12:0 a.m.67 views

CVE-2022-38162

CVE-2022-38162 describes a reflected XSS in WithSecure’s F-Secure Policy Manager caused by an unvalidated parameter in a vulnerable endpoint. Affected software is WithSecure/Policy Manager (versions up to 2022-08-10 per sources). The vulnerability enables remote attackers to inject malicious inpu...

6.1CVSS6AI score0.0067EPSS
CVE
CVE
added 2022/11/17 12:0 a.m.61 views

CVE-2022-38165

The CVE-2022-38165 entry concerns Arbitrary file write in F-Secure Policy Manager (and WithSecure rebrand) prior to 2022-08-10. An unauthenticated attacker could write arbitrary files to arbitrary locations on the Policy Manager Server. Publicly available connected documents corroborate the flaw’...

9.8CVSS9.3AI score0.00828EPSS
CVE
CVE
added 2023/09/22 12:0 a.m.60 views

CVE-2023-43763

CVE-2023-43763 affects WithSecure Policy Manager 15 on Windows and Linux. The issue—an XSS vulnerability—stems from an unvalidated parameter in a web endpoint, indicating insufficient input validation in the affected component. The CVSS 3.1 base score is 6.1 (MEDIUM) with Network access, Low conf...

6.1CVSS6AI score0.00312EPSS
CVE
CVE
added 2023/09/22 12:0 a.m.50 views

CVE-2023-43762

CVE-2023-43762 affects WithSecure Policy Manager 15 and Policy Manager Proxy 15, allowing unauthenticated remote code execution via the web server (backend). The Red Hat, NVD, and CN literature corroborate this description across multiple feeds. The core issue is an unauthenticated RCE path reach...

9.8CVSS9.6AI score0.01128EPSS