ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows before 2023.5 disclose the original path in which the containers were created, which allows an unauthenticated attacker to obtain some information regarding the context of use (project name, etc.).
References
Link | Resource |
---|---|
https://www.primx.eu/en/bulletins/security-bulletin-23B30930/ | Vendor Advisory |
https://www.primx.eu/fr/blog/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-13T00:00:00
Updated: 2023-12-13T20:17:26.437262
Reserved: 2023-12-10T00:00:00
Link: CVE-2023-50439
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-13T21:15:09.563
Modified: 2023-12-20T18:29:44.920
Link: CVE-2023-50439
JSON object: View
Redhat Information
No data.
CWE