Withsecure F-secure Policy Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Withsecure F-secure Policy Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-38165 — CVSS 9.8 (critical): Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in…
CVE-2023-43762 — CVSS 9.8 (critical): Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy…
CVE-2022-38162 — CVSS 6.1 (medium): Reflected cross-site scripting (XSS) vulnerabilities in WithSecure through 2022-08-10) exists within the F-Secure Policy Manager due to an…
CVE-2023-43763 — CVSS 6.1 (medium): Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows…