Vulnerabilities > CVE-2023-50440 - Unspecified vulnerability in Primx Zed!, Zedmail and Zonecentral

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

primx

NVD

Published: 2023-12-13

Updated: 2023-12-20

Summary

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger network access to an attacker-controlled computer when opened by the victim.

Vulnerable Configurations

Part	Description	Count
Application	Primx Primx Zonecentral * Primx Zonecentral 6.1.2240 Primx Zedmail 6.1.2240 Primx Zed! 2023.5 Primx Zed! Q.2020.1 Primx Zed! Q.2020.2 Primx Zed! * Primx Zed! Q.2021.1 Primx Zed! -	16

Summary

Vulnerable Configurations

References