While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
Metrics
Affected Vendors & Products
References
History
Tue, 06 Aug 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zscaler
Zscaler client Connector |
|
CPEs | cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:* | |
Vendors & Products |
Zscaler
Zscaler client Connector |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Zscaler
Published: 2024-08-06T15:22:58.963Z
Updated: 2024-08-06T18:36:26.478Z
Reserved: 2024-01-17T15:15:47.221Z
Link: CVE-2024-23458
Vulnrichment
Updated: 2024-08-06T18:36:17.748Z
NVD
Status : Analyzed
Published: 2024-08-06T16:15:47.260
Modified: 2024-08-07T21:29:09.537
Link: CVE-2024-23458
Redhat
No data.