Vulnerabilities > CVE-2023-41717 - Files or Directories Accessible to External Parties vulnerability in Zscaler Proxy 3.6.1.25

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
local
low complexity
zscaler
CWE-552
NVD
Published: 2023-08-31
Updated: 2024-11-21

Summary

Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions.

Vulnerable Configurations

Part Description Count
Application
Zscaler
2

Common Weakness Enumeration (CWE)

References