The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.
References
Link | Resource |
---|---|
https://trust.zscaler.com/posts/7316 | Vendor Advisory |
Configurations
History
19 Feb 2021, 20:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://trust.zscaler.com/posts/7316 - Vendor Advisory | |
CPE | cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:* | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-269 |
16 Feb 2021, 20:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-16 20:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-11635
Mitre link : CVE-2020-11635
CVE.ORG link : CVE-2020-11635
JSON object : View
Products Affected
zscaler
- client_connector
CWE