Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netskope netskope vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4996
Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. The root cause of the problem was a user control code when called by a Wi...
Netskope Netskope
NA
CVE-2022-4149
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory (C:\Users\Public\netSkope) for a standard user. The files are created and written with a SYSTEM account except one file (logplaceholder) which inherits...
Netskope Netskope
NA
CVE-2023-2270
The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. The connection handling function of Netskope client before R100 in this service utilized a relative path to download and unzip ...
Netskope Netskope
NA
CVE-2021-44862
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A...
Netskope Netskope
7.2
CVSSv2
CVE-2021-41388
Netskope client before 89.x on macOS is impacted by a local privilege escalation vulnerability. The XPC implementation of nsAuxiliarySvc process does not perform validation on new connections before accepting the connection. Thus any low privileged user can connect and call exter...
Netskope Netskope
9
CVSSv2
CVE-2020-24576
Netskope Client through 77 allows low-privileged users to elevate their privileges to NT AUTHORITY\SYSTEM.
Netskope Netskope
9.3
CVSSv2
CVE-2020-28845
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system.
Netskope Netskope 75.0
7.2
CVSSv2
CVE-2019-12091
The Netskope client service, v57 prior to 57.2.0.219 and v60 prior to 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from command injection vulnerability. Local users can use this ...
Netskope Netskope
7.2
CVSSv2
CVE-2019-10882
The Netskope client service, v57 prior to 57.2.0.219 and v60 prior to 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServ...
Netskope Netskope
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started