Zscaler Client Connector 4.1 for Windows

CPE Details

Zscaler Client Connector 4.1 for Windows
zscaler
client_connector
4.1
2023-11-03
18h13 +00:00
2023-11-03
18h13 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:zscaler:client_connector:4.1:*:*:*:*:windows:*:*

Informations

Vendor

zscaler

Product

client_connector

Version

4.1

Target Software

windows

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-28806 2024-08-06 15h41 +00:00 An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190.
6.5
Medium
CVE-2024-23464 2024-08-06 15h24 +00:00 In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1
7.2
High
CVE-2024-23458 2024-08-06 15h22 +00:00 While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
7.8
High
CVE-2024-23456 2024-08-06 15h21 +00:00 Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0.190 with anti-tampering enabled.
7.8
High
CVE-2023-28802 2023-11-21 10h51 +00:00 An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. This issue affects Client Connector: before 4.2.0.149.
5.4
Medium