Lucene search

[email protected]NVD:CVE-2023-28804

HistoryOct 23, 2023 - 2:15 p.m.

CVE-2023-28804

2023-10-2314:15:09

CWE-347

[email protected]

web.nvd.nist.gov

zscaler

linux

cryptographic

vulnerability

signature

binary replacing

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.0005 Low

EPSS

Percentile

17.0%

JSON

An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105

Affected configurations

NVD

Node

zscalerclient_connectorRange<1.4.0.105linux

References

help.zscaler.com/client-connector/client-connector-app-release-summary-2023

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.0005 Low

EPSS

Percentile

17.0%

JSON

Related for NVD:CVE-2023-28804

prion1 cvelist1 cve1