Browse all 4 CVE security advisories affecting Skyhigh. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Skyhigh provides cloud security posture management, focusing on discovering and securing cloud services and data. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws. The product has faced scrutiny for misconfigurations that exposed sensitive data, with four CVEs recorded to date. Security researchers have identified authentication bypass issues and insecure default settings in its components. While Skyhigh offers visibility into cloud environments, its own implementation has occasionally introduced risks rather than mitigating them, particularly in API access controls and session management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-6398 | Trellix Secure Web Gateway 信息泄露漏洞 — Secure Web GatewayCWE-200 | 4.3 | Medium | 2024-07-15 |
| CVE-2024-0313 | Skyhigh Client Proxy 安全漏洞 — Skyhigh Client ProxyCWE-670 | 5.5 | Medium | 2024-03-14 |
| CVE-2024-0312 | Skyhigh Client Proxy 安全漏洞 — Skyhigh Client ProxyCWE-622 | 5.5 | Medium | 2024-03-14 |
| CVE-2024-0311 | Skyhigh Client Proxy 安全漏洞 — Skyhigh Client ProxyCWE-622 | 5.5 | Medium | 2024-03-14 |
This page lists every published CVE security advisory associated with Skyhigh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.