Vulnerability Description
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Withsecure | F-Secure Policy Manager | 15.00 |
| Withsecure | Policy Manager Proxy | 15.00 |
References
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisories/cve-2023-43762
- https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn511Broken Link
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisories/cve-2023-43762
- https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn511Broken Link
FAQ
What is CVE-2023-43762?
CVE-2023-43762 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
How severe is CVE-2023-43762?
CVE-2023-43762 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-43762?
Check the references section above for vendor advisories and patch information. Affected products include: Withsecure F-Secure Policy Manager, Withsecure Policy Manager Proxy.