Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. The root cause of the problem was a user control code when called by a Windows ServiceController did not validate the permissions associated with the user before executing the user control code. This user control code had permissions to terminate the NSClient service. 
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Netskope

Published: 2023-11-06T10:16:06.626Z

Updated: 2024-09-05T15:19:00.692Z

Reserved: 2023-09-15T12:39:38.532Z

Link: CVE-2023-4996

cve-icon Vulnrichment

Updated: 2024-08-02T07:44:53.768Z

cve-icon NVD

Status : Modified

Published: 2023-11-06T11:15:09.593

Modified: 2024-11-21T08:36:25.640

Link: CVE-2023-4996

cve-icon Redhat

No data.