Vulnerabilities > CVE-2023-28793 - Out-of-bounds Write vulnerability in Zscaler Client Connector 1.3/1.3.0.31/1.3.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Common Weakness Enumeration (CWE)
References
- https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19
- https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19