While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
References
Configurations
History
07 Aug 2024, 21:29
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | () https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190 - Vendor Advisory | |
CPE | cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:* | |
First Time |
Zscaler client Connector
Zscaler |
|
Summary |
|
06 Aug 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-06 16:15
Updated : 2024-08-07 21:29
NVD link : CVE-2024-23458
Mitre link : CVE-2024-23458
CVE.ORG link : CVE-2024-23458
JSON object : View
Products Affected
zscaler
- client_connector
CWE
CWE-346
Origin Validation Error