How severe is CVE-2023-28803?

CVE-2023-28803 has a CVSS v3 score of 5.9 (MEDIUM).

CVE-2023-28803

Name: client_connector
Author: zscaler

5.9MEDIUM

An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: b

Published: 10/23/2023Updated: 11/21/2024

Description

An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9.

AI AnalysisPowered by AI

Affected Products

zscalerclient_connector

References

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023
Release Notes
https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023
Release Notes