Page 5 of 42 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. This issue affects Client Connector: before 4.2.0.149. Una validación incorrecta del valor de verificación de integridad en Zscaler Client Connector en Windows permite a un usuario autenticado deshabilitar ZIA/ZPA interrumpiendo el reinicio del servicio desde Zscaler Diagnostics. Este problema afecta a Client Connector: anterior a 4.2.0.149. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Windows&applicable_version=4.2 • CWE-354: Improper Validation of Integrity Check Value •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6. La vulnerabilidad de error de validación de origen en Zscaler Client Connector en Linux permite el abuso de privilegios. Este problema afecta a Zscaler Client Connector para Linux: versiones anteriores a 1.3.1.6. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19 • CWE-346: Origin Validation Error •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105 Una vulnerabilidad de validación de entrada incorrecta en Zscaler Client Connector en Linux permite la escalada de privilegios. Este problema afecta a Client Connector: anterior a 1.4.0.105 • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0

An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105 Una vulnerabilidad de verificación incorrecta de Cryptographic Signature en Zscaler Client Connector en Linux permite reemplazar archivos binarios. Este problema afecta a Linux Client Connector: antes de 1.4.0.105 • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9. Es posible omitir la autenticación mediante la suplantación de un dispositivo con una dirección IP sintética en Zscaler Client Connector en Windows, lo que permite omitir la funcionalidad. Este problema afecta a Client Connector: versiones anteriores a 3.9. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023 • CWE-290: Authentication Bypass by Spoofing •