{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-27359", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-05T18:01:32.049Z", "dateReserved": "2024-02-25T00:00:00", "datePublished": "2024-02-25T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-25T06:57:59.098486"}, "descriptions": [{"lang": "en", "value": "Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:51.998Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-835", "lang": "en", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "affected": [{"vendor": "withsecure", "product": "client_security", "cpes": ["cpe:2.3:a:withsecure:client_security:15:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "15", "status": "affected"}]}, {"vendor": "withsecure", "product": "server_security", "cpes": ["cpe:2.3:a:withsecure:server_security:15:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "15", "status": "affected"}]}, {"vendor": "f-secure", "product": "email_and_server_security", "cpes": ["cpe:2.3:a:f-secure:email_and_server_security:15.00:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "15.00", "status": "affected"}]}, {"vendor": "withsecure", "product": "elements_endpoint_protection", "cpes": ["cpe:2.3:a:withsecure:elements_endpoint_protection:17:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "17", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "withsecure", "product": "linux_protection", "cpes": ["cpe:2.3:a:withsecure:linux_protection:12.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "12.0", "status": "affected"}]}, {"vendor": "withsecure", "product": "linux_security_64", "cpes": ["cpe:2.3:a:withsecure:linux_security_64:12.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "12.0", "status": "affected"}]}, {"vendor": "withsecure", "product": "atlant", "cpes": ["cpe:2.3:a:withsecure:atlant:1.0.35-1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.0.35-1", "status": "affected"}]}, {"vendor": "withsecure", "product": "elements_endpoint_protection", "cpes": ["cpe:2.3:a:withsecure:elements_endpoint_protection:17.0:*:*:*:*:macos:*:*"], "defaultStatus": "unknown", "versions": [{"version": "17.0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-05T17:52:00.849656Z", "id": "CVE-2024-27359", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T18:01:32.049Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:51.998Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-27359", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-05T17:52:00.849656Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:withsecure:client_security:15:*:*:*:*:*:*:*"], "vendor": "withsecure", "product": "client_security", "versions": [{"status": "affected", "version": "15"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:withsecure:server_security:15:*:*:*:*:*:*:*"], "vendor": "withsecure", "product": "server_security", "versions": [{"status": "affected", "version": "15"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:f-secure:email_and_server_security:15.00:*:*:*:*:*:*:*"], "vendor": "f-secure", "product": "email_and_server_security", "versions": [{"status": "affected", "version": "15.00"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:withsecure:elements_endpoint_protection:17:*:*:*:*:*:*:*"], "vendor": "withsecure", "product": "elements_endpoint_protection", "versions": [{"status": "affected", "version": "17", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:withsecure:linux_protection:12.0:*:*:*:*:*:*:*"], "vendor": "withsecure", "product": "linux_protection", "versions": [{"status": "affected", "version": "12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:withsecure:linux_security_64:12.0:*:*:*:*:*:*:*"], "vendor": "withsecure", "product": "linux_security_64", "versions": [{"status": "affected", "version": "12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:withsecure:atlant:1.0.35-1:*:*:*:*:*:*:*"], "vendor": "withsecure", "product": "atlant", "versions": [{"status": "affected", "version": "1.0.35-1"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:withsecure:elements_endpoint_protection:17.0:*:*:*:*:macos:*:*"], "vendor": "withsecure", "product": "elements_endpoint_protection", "versions": [{"status": "affected", "version": "17.0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T17:52:50.637Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1"}], "descriptions": [{"lang": "en", "value": "Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-25T06:57:59.098486"}}}, "cveMetadata": {"cveId": "CVE-2024-27359", "state": "PUBLISHED", "dateUpdated": "2024-08-05T18:01:32.049Z", "dateReserved": "2024-02-25T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-02-25T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1."}, {"lang": "es", "value": "Ciertos productos WithSecure permiten una denegaci\u00f3n de servicio porque el esc\u00e1ner del motor puede entrar en un bucle infinito al procesar un archivo comprimido. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, WithSecure Linux Security 64 12.0, ConSecure Linux Protection 12.0 y conSecure Atlant 1.0.35-1."}], "id": "CVE-2024-27359", "lastModified": "2024-11-21T09:04:25.703", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-26T16:28:00.377", "references": [{"source": "[email protected]", "url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}