Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-22568
PUBLISHED
More InfoOfficial Page
Assigner-Zscaler
Assigner Org ID-73c6f63b-efac-410d-a0a9-569700f85a04
View Known Exploited Vulnerability (KEV) details
Published At-23 Feb, 2026 | 16:12
Updated At-23 Feb, 2026 | 18:47
Rejected At-
▼CVE Numbering Authority (CNA)
Unauthorized information retrieval in ZIA Admin UI

Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to access or retrieve unauthorized internal information in rare conditions.

Affected Products
Vendor
Zscaler, Inc.Zscaler
Product
ZIA Admin UI
Default Status
unaffected
Versions
Affected
  • From 6.2 before 6.2r (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-54CAPEC-54 Query System for Information
CAPEC ID: CAPEC-54
Description: CAPEC-54 Query System for Information
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Andrew Allen Hess on behalf of Cyber Defense Team (Deutsche Börse Group)
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://help.zscaler.com/zia/release-upgrade-summary-2026?applicable_category=zscaler.net&deployment_date=2026-02-12&id=1538576
N/A
Hyperlink: https://help.zscaler.com/zia/release-upgrade-summary-2026?applicable_category=zscaler.net&deployment_date=2026-02-12&id=1538576
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Details not found