Skip to main content

Netskope

6 CVEs product

Monthly

CVE-2024-7401 HIGH This Week

Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Netskope
NVD
CVSS 4.0
8.5
EPSS
0.8%
CVE-2023-4996 HIGH This Week

Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Netskope
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-2270 HIGH This Week

The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Netskope
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-28845 HIGH POC This Week

A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Netskope
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2019-12091 HIGH This Week

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Netskope
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2019-10882 HIGH This Week

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netskope
NVD
CVSS 3.1
7.8
EPSS
0.4%
EPSS 1% CVSS 8.5
HIGH This Week

Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Netskope
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Netskope
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Netskope
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Netskope
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Netskope
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netskope
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy