CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-50440
https://notcve.org/view.php?id=CVE-2023-50440
13 Dec 2023 — ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include ... • https://www.primx.eu/en/bulletins/security-bulletin-23B30931 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50442
https://notcve.org/view.php?id=CVE-2023-50442
13 Dec 2023 — Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker (with appropriate privileges) so that specific file types are excluded from encryption temporarily. (This modification can, however, be detected, as described in the Administrator Guide.) Un atacante local (con los privilegios adecuados) puede modificar las carpetas cifradas creadas por PRIMX ZONECENTRAL hasta 2023.5 para que tipos de archivos específicos queden excluidos del cifrado temporalmente. (Sin embargo... • https://www.primx.eu/en/bulletins/security-bulletin-23B30933 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-50444
https://notcve.org/view.php?id=CVE-2023-50444
13 Dec 2023 — By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force. D... • https://www.primx.eu/en/bulletins/security-bulletin-23B30874 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-50439
https://notcve.org/view.php?id=CVE-2023-50439
13 Dec 2023 — ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows before 2023.5 disclose the original path in which the containers were created, which allows an unauthenticated attacker to obtain some information regarding the context of use (project name, etc.). Contenedore... • https://www.primx.eu/en/bulletins/security-bulletin-23B30930 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50441
https://notcve.org/view.php?id=CVE-2023-50441
13 Dec 2023 — Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which folders are opened. Un atacante no autenticado puede modificar las carpetas cifradas creadas por PRIMX ZONECENTRAL para Windows antes de Q.2021.2 (envío de calificación ANSSI) o ZONECENTRAL para Windows antes de 202... • https://www.primx.eu/en/bulletins/security-bulletin-23B3093A •