Описание
While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
Уязвимые конфигурации
Конфигурация 1Версия до 4.2.0.190 (исключая)
cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 12%
0.0004
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-346
CWE-346
Связанные уязвимости
CVSS3: 7.3
github
больше 1 года назад
While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
EPSS
Процентиль: 12%
0.0004
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-346
CWE-346