CVE-2023-50440

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger network access to an attacker-controlled computer when opened by the victim.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:linux:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:macos:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:free:linux:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:free:macos:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:free:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:pro:linux:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:pro:macos:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:pro:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zedmail:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://www.primx.eu/en/bulletins/security-bulletin-23B30931/ - Vendor Advisory () https://www.primx.eu/en/bulletins/security-bulletin-23B30931/ - Vendor Advisory
References () https://www.primx.eu/fr/blog/ - Product () https://www.primx.eu/fr/blog/ - Product

20 Dec 2023, 18:29

Type Values Removed Values Added
First Time Primx zedmail
Primx zonecentral
Primx zed\!
Primx
CPE cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:free:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:free:macos:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:pro:windows:*:*
cpe:2.3:a:primx:zedmail:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:macos:*:*
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:free:linux:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:pro:macos:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:pro:linux:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:linux:*:*
References () https://www.primx.eu/en/bulletins/security-bulletin-23B30931/ - () https://www.primx.eu/en/bulletins/security-bulletin-23B30931/ - Vendor Advisory
References () https://www.primx.eu/fr/blog/ - () https://www.primx.eu/fr/blog/ - Product
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE NVD-CWE-noinfo

13 Dec 2023, 21:25

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-13 21:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-50440

Mitre link : CVE-2023-50440

CVE.ORG link : CVE-2023-50440


JSON object : View

Products Affected

primx

  • zedmail
  • zonecentral
  • zed\!