{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7402", "assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc", "state": "PUBLISHED", "assignerShortName": "Netskope", "dateReserved": "2024-08-02T07:21:12.054Z", "datePublished": "2025-08-14T04:32:41.870Z", "dateUpdated": "2025-08-15T12:58:40.808Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Netskope Client", "vendor": "Netskope", "versions": [{"lessThan": "123.0.16, 126.0.9, 129.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Sander de Wit"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine. <br><br>"}], "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 7, "baseSeverity": "HIGH", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-354", "description": "CWE-354", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc", "shortName": "Netskope", "dateUpdated": "2025-08-14T04:32:41.870Z"}, "references": [{"url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Customers can apply the fix by enabling the \u201cSecure Configuration\u201d option from the tenant under Settings -&gt; Security Cloud Platform -&gt; Netskope Client -&gt; MDM Distribution -&gt; Secure Enrollment page. Customers are recommended to upgrade the Netskope Client to the latest versions of R123, R126, R129 or higher and adopt \u201cNetskope Client Secure Configuration Service\u201d for APIs."}], "value": "Customers can apply the fix by enabling the \u201cSecure Configuration\u201d option from the tenant under Settings -> Security Cloud Platform -> Netskope Client -> MDM Distribution -> Secure Enrollment page. Customers are recommended to upgrade the Netskope Client to the latest versions of R123, R126, R129 or higher and adopt \u201cNetskope Client Secure Configuration Service\u201d for APIs."}], "source": {"advisory": "NSKPSA-2024-002", "discovery": "EXTERNAL"}, "title": "Netskope Client Configuration Tampering with Local MITM", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prevent users from installing or adding 3rd party certificates in their machine's Operating System trust store. This will prevent users from performing MITM and tampering with configurations."}], "value": "Prevent users from installing or adding 3rd party certificates in their machine's Operating System trust store. This will prevent users from performing MITM and tampering with configurations."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-354", "lang": "en", "description": "CWE-354 Improper Validation of Integrity Check Value"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-15T12:28:14.675484Z", "id": "CVE-2024-7402", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-15T12:58:40.808Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Netskope Client Configuration Tampering with Local MITM", "source": {"advisory": "NSKPSA-2024-002", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Sander de Wit"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Netskope", "product": "Netskope Client", "versions": [{"status": "affected", "version": "0", "lessThan": "123.0.16, 126.0.9, 129.0.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Customers can apply the fix by enabling the \u201cSecure Configuration\u201d option from the tenant under Settings -> Security Cloud Platform -> Netskope Client -> MDM Distribution -> Secure Enrollment page. Customers are recommended to upgrade the Netskope Client to the latest versions of R123, R126, R129 or higher and adopt \u201cNetskope Client Secure Configuration Service\u201d for APIs.", "supportingMedia": [{"type": "text/html", "value": "Customers can apply the fix by enabling the \u201cSecure Configuration\u201d option from the tenant under Settings -&gt; Security Cloud Platform -&gt; Netskope Client -&gt; MDM Distribution -&gt; Secure Enrollment page. Customers are recommended to upgrade the Netskope Client to the latest versions of R123, R126, R129 or higher and adopt \u201cNetskope Client Secure Configuration Service\u201d for APIs.", "base64": false}]}], "references": [{"url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002"}], "workarounds": [{"lang": "en", "value": "Prevent users from installing or adding 3rd party certificates in their machine's Operating System trust store. This will prevent users from performing MITM and tampering with configurations.", "supportingMedia": [{"type": "text/html", "value": "Prevent users from installing or adding 3rd party certificates in their machine's Operating System trust store. This will prevent users from performing MITM and tampering with configurations.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.", "supportingMedia": [{"type": "text/html", "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine. <br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-354", "description": "CWE-354"}]}], "providerMetadata": {"orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc", "shortName": "Netskope", "dateUpdated": "2025-08-14T04:32:41.870Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7402", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-15T12:28:14.675484Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-354", "description": "CWE-354 Improper Validation of Integrity Check Value"}]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-08-15T12:28:25.743Z"}}]}, "cveMetadata": {"cveId": "CVE-2024-7402", "state": "PUBLISHED", "dateUpdated": "2025-08-14T04:32:41.870Z", "dateReserved": "2024-08-02T07:21:12.054Z", "assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc", "datePublished": "2025-08-14T04:32:41.870Z", "assignerShortName": "Netskope"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine."}, {"lang": "es", "value": "Netskope ha identificado una posible vulnerabilidad en su agente (Cliente Netskope) que permite a un usuario malicioso manipular la configuraci\u00f3n del Cliente Netskope mediante una actividad de intermediario (MITM) en el canal de comunicaci\u00f3n del Cliente Netskope. Una explotaci\u00f3n exitosa requerir\u00eda privilegios administrativos en el equipo y podr\u00eda resultar en la alteraci\u00f3n temporal de la configuraci\u00f3n del Cliente Netskope o la desactivaci\u00f3n o eliminaci\u00f3n permanente del agente del equipo."}], "id": "CVE-2024-7402", "lastModified": "2025-08-15T13:15:30.237", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@netskope.com", "type": "Secondary"}]}, "published": "2025-08-14T05:15:26.010", "references": [{"source": "psirt@netskope.com", "url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002"}], "sourceIdentifier": "psirt@netskope.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-354"}], "source": "psirt@netskope.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-354"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"created": "2025-08-14T12:59:56.750511+00:00", "updated": "2025-08-14T12:59:56.750564+00:00", "vendors": ["netskope", "netskope$PRODUCT$netskope"]}