CVE-2023-41717

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 31, 2023

Updated: Sep 7, 2023

CWE ID 552

Summary

CVE-2023-41717 is a vulnerability affecting Zscaler Proxy versions 3.6.1.25 and earlier. This issue involves inappropriate file type control, enabling local attackers to bypass the software's file download and upload restrictions. This could lead to potential data leakage or malware infiltration, posing a significant risk to users. Organizations using these Zscaler Proxy versions are advised to apply the latest patches or upgrades to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zscaler Proxy

Affected Vendors

Zscaler

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sD__iH
https://www.cve.org/CVERecord?id=CVE-2023-41717
https://nvd.nist.gov/vuln/detail/CVE-2023-41717

Back to Vulnerability Database