How severe is CVE-2023-28801?

CVE-2023-28801 has a CVSS v3 score of 9.6 (CRITICAL).

CVE-2023-28801

Name: zscaler_internet_access_admin_portal
Author: zscaler

9.6CRITICAL

An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

Опубликовано: 8/31/2023Обновлено: 11/21/2024

Описание

An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

ИИ-АнализНа базе ИИ

Затронутые продукты

zscalerzscaler_internet_access_admin_portal

Ссылки

https://help.zscaler.com/zia/release-upgrade-summary-2023
Release Notes
https://help.zscaler.com/zia/release-upgrade-summary-2023
Release Notes