First published: Tue Nov 21 2023(Updated: )
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. This issue affects Client Connector: before 220.127.116.11.
|Affected Software||Affected Version||How to fix|
|Zscaler Client Connector||<18.104.22.168|
The vulnerability ID for this issue is CVE-2023-28802.
An authenticated user can disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics.
Zscaler Client Connector versions before 22.214.171.124 are affected.
This vulnerability has a severity rating of medium (5.4).
Yes, updating Zscaler Client Connector to version 126.96.36.199 or later will fix this vulnerability.