Описание
Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which folders are opened.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до q.2021.2 (исключая)Версия от 2023.0 (включая) до 2023.5 (исключая)
Одно из
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 35%
0.00143
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.5
github
около 2 лет назад
Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which folders are opened.
EPSS
Процентиль: 35%
0.00143
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo