Vulnerabilities > Zscaler

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-21	CVE-2023-28802	Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. network low complexity zscaler CWE-354	5.4
2023-11-06	CVE-2023-28794	Origin Validation Error vulnerability in Zscaler Client Connector 1.3/1.3.0.31/1.3.1 Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. network low complexity zscaler CWE-346	6.5
2023-10-23	CVE-2021-26734	Unspecified vulnerability in Zscaler Client Connector Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled directory junctions during uninstallation. local low complexity zscaler	5.5
2023-10-23	CVE-2021-26735	Unquoted Search Path or Element vulnerability in Zscaler Client Connector The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted search path vulnerability. local low complexity zscaler CWE-428	7.8
2023-10-23	CVE-2021-26736	Path Traversal vulnerability in Zscaler Client Connector Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. local low complexity zscaler CWE-22	7.8
2023-10-23	CVE-2021-26737	Origin Validation Error vulnerability in Zscaler Client Connector The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. local high complexity zscaler CWE-346	4.7
2023-10-23	CVE-2021-26738	Untrusted Search Path vulnerability in Zscaler Client Connector Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. local low complexity zscaler CWE-426	7.8
2023-10-23	CVE-2023-28793	Out-of-bounds Write vulnerability in Zscaler Client Connector 1.3/1.3.0.31/1.3.1 Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. local low complexity zscaler CWE-787	7.8
2023-10-23	CVE-2023-28795	Origin Validation Error vulnerability in Zscaler Client Connector 1.3/1.3.0.31/1.3.1 Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of Code in Existing Process. local low complexity zscaler CWE-346	7.8
2023-10-23	CVE-2023-28796	Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector 1.3/1.3.0.31/1.3.1 Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. local low complexity zscaler CWE-347	7.8

Vulnerabilities > Zscaler {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zscaler"}]}

Vulnerabilities > Zscaler