How severe is CVE-2023-28801?

CVE-2023-28801 has a CVSS v3 score of 9.6 (CRITICAL).

CVE-2023-28801

Name: zscaler_internet_access_admin_portal
Author: zscaler

9.6CRITICAL

An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

Veröffentlicht: 8/31/2023Aktualisiert: 11/21/2024

Beschreibung

An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

KI-AnalyseKI-gestützt

Betroffene Produkte

zscalerzscaler_internet_access_admin_portal

Referenzen

https://help.zscaler.com/zia/release-upgrade-summary-2023
Release Notes
https://help.zscaler.com/zia/release-upgrade-summary-2023
Release Notes