CVE-2023-50439

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows before 2023.5 disclose the original path in which the containers were created, which allows an unauthenticated attacker to obtain some information regarding the context of use (project name, etc.).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
cpe:2.3:a:primx:zedmail:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://www.primx.eu/en/bulletins/security-bulletin-23B30930/ - Vendor Advisory () https://www.primx.eu/en/bulletins/security-bulletin-23B30930/ - Vendor Advisory
References () https://www.primx.eu/fr/blog/ - Product () https://www.primx.eu/fr/blog/ - Product

20 Dec 2023, 18:29

Type Values Removed Values Added
CPE cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zedmail:*:*:*:*:*:windows:*:*
cpe:2.3:a:primx:zed\!:*:*:*:*:enterprise:windows:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CWE NVD-CWE-noinfo
References () https://www.primx.eu/en/bulletins/security-bulletin-23B30930/ - () https://www.primx.eu/en/bulletins/security-bulletin-23B30930/ - Vendor Advisory
References () https://www.primx.eu/fr/blog/ - () https://www.primx.eu/fr/blog/ - Product

13 Dec 2023, 21:25

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-13 21:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-50439

Mitre link : CVE-2023-50439

CVE.ORG link : CVE-2023-50439


JSON object : View

Products Affected

primx

  • zed\!
  • zonecentral
  • zedmail