Zscaler Client Connector 1.3.1.6 for Linux

CPE Details

Zscaler Client Connector 1.3.1.6 for Linux
zscaler
client_connector
1.3.1.6
2023-11-03
18h13 +00:00
2023-11-03
18h13 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:zscaler:client_connector:1.3.1.6:*:*:*:*:linux:*:*

Informations

Vendor

zscaler

Product

client_connector

Version

1.3.1.6

Target Software

linux

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-3661 2024-05-06 18h31 +00:00 DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
7.6
High
CVE-2023-28805 2023-10-23 13h33 +00:00 An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105
9.8
Critical
CVE-2023-28804 2023-10-23 13h33 +00:00 An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105
8.2
High
CVE-2023-28800 2023-06-22 19h15 +00:00 When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login.
8.1
High
CVE-2023-28799 2023-06-22 19h06 +00:00 A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain.
8.2
High