CVE-2023-49321
First published: Sun Nov 26 2023(Updated: )
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| WithSecure Linux Protection | =12.0 | |
| F-Secure Linux Security | =12.0 | |
| Linux Kernel | ||
| F-Secure Atlant | =1.0.35-1 | |
| All of | ||
| Any of | ||
| WithSecure Client Security | =15.00 | |
| F-Secure Elements | >=17.0 | |
| F-Secure Email and Server Security | =15.00 | |
| F-Secure Server Security | =15.00 | |
| Microsoft Windows Operating System | ||
| All of | ||
| Any of | ||
| WithSecure Client Security | =15.00 | |
| F-Secure Elements | >=17.0 | |
| macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-49321?
CVE-2023-49321 is a vulnerability that allows a Denial of Service attack on certain WithSecure products.
Which products are affected by CVE-2023-49321?
CVE-2023-49321 affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17.
What is the severity of CVE-2023-49321?
CVE-2023-49321 has a severity rating of 5.3, which is considered medium.
How does CVE-2023-49321 work?
CVE-2023-49321 works by scanning a crafted file, which takes a long time and causes the scanner to hang, resulting in a Denial of Service.
Is Linux Kernel vulnerable to CVE-2023-49321?
No, Linux Kernel is not vulnerable to CVE-2023-49321.
- agent/type
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/f-secure
- canonical/withsecure linux protection
- version/withsecure linux protection/12.0
- canonical/f-secure linux security
- version/f-secure linux security/12.0
- vendor/linux
- canonical/linux kernel
- canonical/f-secure atlant
- version/f-secure atlant/1.0.35-1
- canonical/withsecure client security
- version/withsecure client security/15.00
- canonical/f-secure elements
- version/f-secure elements/17.0
- canonical/f-secure email and server security
- version/f-secure email and server security/15.00
- canonical/f-secure server security
- version/f-secure server security/15.00
- vendor/microsoft
- canonical/microsoft windows operating system
- vendor/apple
- canonical/macos