Vulnerability Description
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Primx | Zed\! | < q.2020.3 |
| Primx | Zedmail | < 2023.5 |
| Primx | Zonecentral | < q.2021.2 |
Related Weaknesses (CWE)
References
- https://www.primx.eu/en/bulletins/security-bulletin-23B30874/Vendor Advisory
- https://www.primx.eu/fr/blog/Product
- https://www.primx.eu/en/bulletins/security-bulletin-23B30874/Vendor Advisory
- https://www.primx.eu/fr/blog/Product
FAQ
What is CVE-2023-50444?
CVE-2023-50444 is a vulnerability with a CVSS score of 7.5 (HIGH). By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Wind...
How severe is CVE-2023-50444?
CVE-2023-50444 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-50444?
Check the references section above for vendor advisories and patch information. Affected products include: Primx Zed\!, Primx Zedmail, Primx Zonecentral.