1.3.1.6

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-06	CVE-2024-3661	Missing Authentication for Critical Function vulnerability in multiple products DHCP can add routes to a client’s routing table via the classless static route option (121). low complexity fortinet cisco paloaltonetworks citrix f5 watchguard zscaler CWE-306	7.6
2023-10-23	CVE-2023-28804	Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105 network low complexity zscaler CWE-347	5.3
2023-10-23	CVE-2023-28805	Unspecified vulnerability in Zscaler Client Connector An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. network low complexity zscaler critical	9.8
2023-06-22	CVE-2023-28799	Open Redirect vulnerability in Zscaler Client Connector A URL parameter during login flow was vulnerable to injection. network low complexity zscaler CWE-601	6.1
2023-06-22	CVE-2023-28800	Cross-site Scripting vulnerability in Zscaler Client Connector When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login. network low complexity zscaler CWE-79	6.1