Vulnerability Description
ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows before 2023.5 disclose the original path in which the containers were created, which allows an unauthenticated attacker to obtain some information regarding the context of use (project name, etc.).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Primx | Zed\! | < q.2020.3 |
| Primx | Zedmail | < 2023.5 |
| Primx | Zonecentral | < q.2021.2 |
References
- https://www.primx.eu/en/bulletins/security-bulletin-23B30930/Vendor Advisory
- https://www.primx.eu/fr/blog/Product
- https://www.primx.eu/en/bulletins/security-bulletin-23B30930/Vendor Advisory
- https://www.primx.eu/fr/blog/Product
FAQ
What is CVE-2023-50439?
CVE-2023-50439 is a vulnerability with a CVSS score of 5.3 (MEDIUM). ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q....
How severe is CVE-2023-50439?
CVE-2023-50439 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-50439?
Check the references section above for vendor advisories and patch information. Affected products include: Primx Zed\!, Primx Zedmail, Primx Zonecentral.