We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-28794

PAC Files Exposed to Internet Websites



AssignerZscaler
Reserved2023-03-23
Published2023-11-06
Updated2024-09-05

Description

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.



MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Problem types

CWE-346 Origin Validation Error

Product status

Default status
0x40024b41b0

Any version before 1.3.1.6
affected

Credits

Paul Gerste, SonarSource 0x40024b4200

References

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19

cve.org CVE-2023-28794

nvd.nist.gov CVE-2023-28794

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-28794
Subscribe to our newsletter to learn more about our work.