AI Score
Confidence
Low
EPSS
Percentile
86.7%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
[
{
"cpes": [
"cpe:2.3:a:withsecure:f-secure_policy_manager:15.00:*:*:*:*:linux_kernel:*:*"
],
"vendor": "withsecure",
"product": "f-secure_policy_manager",
"versions": [
{
"status": "affected",
"version": "15.00"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:withsecure:f-secure_policy_manager:15.00:*:*:*:*:windows:*:*"
],
"vendor": "withsecure",
"product": "f-secure_policy_manager",
"versions": [
{
"status": "affected",
"version": "15.00"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:withsecure:policy_manager_proxy:15.00:*:*:*:*:linux_kernel:*:*"
],
"vendor": "withsecure",
"product": "policy_manager_proxy",
"versions": [
{
"status": "affected",
"version": "15.00"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:withsecure:policy_manager_proxy:15.00:*:*:*:*:windows:*:*"
],
"vendor": "withsecure",
"product": "policy_manager_proxy",
"versions": [
{
"status": "affected",
"version": "15.00"
}
],
"defaultStatus": "unknown"
}
]