Overview
- Description
- By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- CWE-307
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:primx:zed\\!:*:*:*:*:enterprise:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "7C67598A-6CE7-4802-BB1F-65D40CF38DAC",
"versionEndExcluding": "q.2020.3"
},
{
"criteria": "cpe:2.3:a:primx:zed\\!:*:*:*:*:enterprise:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "1B21D96F-47D7-4DE6-80AD-68986FF75C77",
"versionEndExcluding": "2023.5",
"versionStartIncluding": "2023.0"
},
{
"criteria": "cpe:2.3:a:primx:zed\\!:*:*:*:*:enterprise:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "747C7A04-7E6E-4A2C-BCFC-01EC16ABE951",
"versionEndExcluding": "q.2021.2",
"versionStartIncluding": "q.2021.0"
},
{
"criteria": "cpe:2.3:a:primx:zedmail:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "01B1BDF0-697E-4EA2-8E26-5B786E03FCF1",
"versionEndExcluding": "2023.5"
},
{
"criteria": "cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "60E1C4D1-FD43-44D1-90E3-0A3936D947A2",
"versionEndExcluding": "q.2021.2"
},
{
"criteria": "cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "5FA52575-445D-48F8-B1D9-F3981DDBD5D3",
"versionEndExcluding": "2023.5",
"versionStartIncluding": "2023.0"
}
],
"operator": "OR"
}
]
}
]