CVE-2023-50439

Published: Dec 13, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows before 2023.5 disclose the original path in which the containers were created, which allows an unauthenticated attacker to obtain some information regarding the context of use (project name, etc.).

Affected (6)

Products: Primx: Zed!, Zedmail, Zonecentral

3 products

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Primx Zed!	Before q.2020.3
Primx Zed!	From 2023.0 to 2023.5
Primx Zed!	From q.2021.0 to q.2021.2
Primx Zedmail	Before 2023.5
Primx Zonecentral	Before q.2021.2
Primx Zonecentral	From 2023.0 to 2023.5

References (4)

https://www.primx.eu/en/bulletins/security-bulletin-23B30930/

Source: cve@mitre.org

Vendor Advisory

https://www.primx.eu/fr/blog/

Source: cve@mitre.org

Product

https://www.primx.eu/en/bulletins/security-bulletin-23B30930/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.primx.eu/fr/blog/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.