CVE-2024-23457

Sažetak

The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209

Reference

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023
https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

02-03-2026 - 19:18

Objavljeno

01-05-2024 - 17:15