Vulnerability Details CVE-2023-28793
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v3 Score 7.8
References
- https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19
- https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19
Products affected by CVE-2023-28793
-
cpe:2.3:a:zscaler:client_connector:-
-
cpe:2.3:a:zscaler:client_connector:1.3
-
cpe:2.3:a:zscaler:client_connector:1.3.0.31
-
cpe:2.3:a:zscaler:client_connector:1.3.1