Lucene search

K
cve[email protected]CVE-2023-28794
HistoryNov 06, 2023 - 8:15 a.m.

CVE-2023-28794

2023-11-0608:15:22
CWE-346
web.nvd.nist.gov
17
cve
2023
28794
origin validation error
zscaler client connector
linux
privilege abuse

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.2%

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.

Affected configurations

NVD
Node
zscalerclient_connectorRange<1.3.1.6linux

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Client Connector",
    "vendor": "Zscaler",
    "versions": [
      {
        "lessThan": "1.3.1.6",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.2%

Related for CVE-2023-28794