Описание
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
Ссылки
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:withsecure:f-secure_policy_manager:15.00:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:withsecure:f-secure_policy_manager:15.00:*:*:*:*:windows:*:*
cpe:2.3:a:withsecure:policy_manager_proxy:15.00:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:withsecure:policy_manager_proxy:15.00:*:*:*:*:windows:*:*
EPSS
Процентиль: 84%
0.02277
Низкий
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
github
больше 2 лет назад
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend), issue 1 of 2. This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
EPSS
Процентиль: 84%
0.02277
Низкий
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo