mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 05:28:59 +00:00
59 lines
1.9 KiB
JSON
59 lines
1.9 KiB
JSON
{
|
|
"id": "CVE-2023-28802",
|
|
"sourceIdentifier": "cve@zscaler.com",
|
|
"published": "2023-11-21T11:15:08.633",
|
|
"lastModified": "2023-11-21T14:08:14.160",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. This issue affects Client Connector: before 4.2.0.149.\n\n"
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una validaci\u00f3n incorrecta del valor de verificaci\u00f3n de integridad en Zscaler Client Connector en Windows permite a un usuario autenticado deshabilitar ZIA/ZPA interrumpiendo el reinicio del servicio desde Zscaler Diagnostics. Este problema afecta a Client Connector: anterior a 4.2.0.149."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "cve@zscaler.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
|
|
"attackVector": "PHYSICAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.9,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 0.7,
|
|
"impactScore": 4.2
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "cve@zscaler.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-354"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Windows&applicable_version=4.2",
|
|
"source": "cve@zscaler.com"
|
|
}
|
|
]
|
|
} |