PT-2023-31547 · Primx · Primx Zedmail+2
Published
2023-12-13
·
Updated
2023-12-20
·
CVE-2023-50439
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PRIMX ZED! for Windows versions before Q.2020.3
PRIMX ZED! for Windows versions before Q.2021.2
PRIMX ZONECENTRAL for Windows versions before Q.2021.2
PRIMX ZONECENTRAL for Windows versions before 2023.5
PRIMX ZEDMAIL for Windows versions before 2023.5
Description
The issue allows an unauthenticated attacker to obtain some information regarding the context of use, such as project name, by disclosing the original path in which the containers were created.
Recommendations
For PRIMX ZED! for Windows versions before Q.2020.3, update to a version after Q.2020.3.
For PRIMX ZED! for Windows versions before Q.2021.2, update to a version after Q.2021.2.
For PRIMX ZONECENTRAL for Windows versions before Q.2021.2, update to a version after Q.2021.2.
For PRIMX ZONECENTRAL for Windows versions before 2023.5, update to a version after 2023.5.
For PRIMX ZEDMAIL for Windows versions before 2023.5, update to a version after 2023.5.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Primx Zed!
Primx Zedmail
Primx Zonecentral