CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Withsecure 1F Secure Policy Manager Nov 21, 2024 Sep 22, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux. |
1Withsecure 2F Secure Policy Manager Policy Manager ProxyNov 21, 2024 Sep 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15. |
1Withsecure 1F Secure Policy Manager Apr 30, 2025 Nov 17, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server. |
1Withsecure 1F Secure Policy Manager May 7, 2025 Oct 25, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Reflected cross-site scripting (XSS) vulnerabilities in WithSecure through 2022-08-10) exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote attackers to provide a...Show more |