CVE-2024-23462

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

A

n Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality.This issue affects Client Connector on MacOS: before 3.4.

References

Link	Resource
https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4	Vendor Advisory Release Notes
https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4	Vendor Advisory Release Notes

Configurations

Configuration 1 (hide)

cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:macos:*:*

History

17 Feb 2026, 19:06

Type	Values Removed	Values Added
First Time		Zscaler client Connector Zscaler
CPE		cpe:2.3:a:zscaler:client_connector::::::macos::*
References	~~() https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4 -~~	() https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4 - Vendor Advisory, Release Notes

21 Nov 2024, 08:57

Type	Values Removed	Values Added
References	~~() https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4 -~~	() https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4 -

02 May 2024, 13:27

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-02 13:23

Updated : 2026-02-17 19:06

NVD link : CVE-2024-23462

Mitre link : CVE-2024-23462

CVE.ORG link : CVE-2024-23462

JSON object : View

Products Affected

client_connector

CWE

CWE-354

Improper Validation of Integrity Check Value

{"id": "CVE-2024-23462", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-05-02T13:23:06.810", "references": [{"url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4", "tags": ["Vendor Advisory", "Release Notes"], "source": "[email protected]"}, {"url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=macos&applicable_version=3.4", "tags": ["Vendor Advisory", "Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-354"}]}], "descriptions": [{"lang": "en", "value": "An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality.This issue affects Client Connector on MacOS: before 3.4.\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de validaci\u00f3n inadecuada del valor de verificaci\u00f3n de integridad en Zscaler Client Connector en MacOS permite una denegaci\u00f3n de servicio del binario de Client Connector y, por lo tanto, elimina la funcionalidad del cliente. Este problema afecta a Client Connector en MacOS: versiones anteriores a 3.4."}], "lastModified": "2026-02-17T19:06:28.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:macos:*:*", "vulnerable": true, "matchCriteriaId": "D7C568C1-31F0-4389-B291-8A73061E16B2", "versionEndExcluding": "3.4"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}