SNI Mismatch Vulnerability in Zscaler Internet Access (ZIA) Allows Attackers to Evade Network Security Controls
CVE-2023-28807 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic.
Learn more about our Cis Benchmark Audit For Server Software.