2 matches found
CVE-2023-3747
CVE-2023-3747 describes a vulnerability in Cloudflare WARP/Zero Trust where there is insufficient server-side validation of override codes. A local attacker with access to the device can extend the maximum disconnected time of the WARP client by altering the device’s clock, exploiting the overrid...
CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode
Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...