How severe is CVE-2023-28801?

CVE-2023-28801 has a CVSS v3 score of 9.6 (CRITICAL).

CVE-2023-28801

Name: zscaler_internet_access_admin_portal
Author: zscaler

9.6CRITICAL

An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

Publicado: 8/31/2023Atualizado: 11/21/2024

Descrição

An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

Análise IADesenvolvido por IA

Produtos Afetados

zscalerzscaler_internet_access_admin_portal

Referências

https://help.zscaler.com/zia/release-upgrade-summary-2023
Release Notes
https://help.zscaler.com/zia/release-upgrade-summary-2023
Release Notes