Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f-secure policy manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-1102
Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote malicious users to inject arbi...
F-secure Policy Manager 9.00
F-secure Policy Manager 8.11
F-secure Policy Manager 7.00
F-secure Policy Manager 8.00
F-secure Policy Manager 8.10
5
CVSSv2
CVE-2011-1103
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote malicious users to obtain sensitive information via a request to an invali...
F-secure Policy Manager 9.00
F-secure Policy Manager 7.00
F-secure Policy Manager 8.1x
F-secure Policy Manager 8.00
5
CVSSv2
CVE-2007-2964
The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and previous versions allows remote malicious users to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs.
F-secure Policy Manager
1 EDB exploit
NA
CVE-2022-38162
Reflected cross-site scripting (XSS) vulnerabilities in WithSecure through 2022-08-10) exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote malicious users to provide a malicious input.
Withsecure F-secure Policy Manager -
NA
CVE-2022-38165
Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server.
Withsecure F-secure Policy Manager -
5
CVSSv2
CVE-2004-1223
The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote malicious users to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters.
F-secure Policy Manager 5.11
1 EDB exploit
NA
CVE-2023-43763
Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux.
Withsecure F-secure Policy Manager 15.00
NA
CVE-2023-43762
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
Withsecure F-secure Policy Manager 15.00
Withsecure Policy Manager Proxy 15.00
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started