F-SecureUSCVE-2021-33572CVE-2021-33572
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
35.0%
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f-secure | cloud_protection_for_salesforce | - | cpe:2.3:a:f-secure:cloud_protection_for_salesforce:-:*:*:*:*:*:*:* |
| f-secure | elements_for_microsoft_365 | - | cpe:2.3:a:f-secure:elements_for_microsoft_365:-:*:*:*:*:*:*:* |
| f-secure | endpoint_protection | * | cpe:2.3:a:f-secure:endpoint_protection:*:*:*:*:*:*:*:* |
| f-secure | linux_security | - | cpe:2.3:a:f-secure:linux_security:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"platforms": [
"x86 & x64"
],
"product": "F-Secure Products",
"vendor": "F-Secure",
"versions": [
{
"status": "affected",
"version": "All Version"
}
]
}
]References
Social References
More
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
35.0%