CVE-2021-34418

🗓️ 11 Nov 2021 22:59:47Reported by ZoomType

CVE-2021-34418: Zoom On-Premise Meeting Connector login routine allows NULL byte injection

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2021-34418	12 Nov 202102:38	–	circl
CNNVD	ZOOM 多款产品代码问题漏洞	11 Nov 202100:00	–	cnnvd
Cvelist	CVE-2021-34418 Pre-auth Null pointer crash in on-premise web console	11 Nov 202122:59	–	cvelist
EUVD	EUVD-2021-21076	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Zoom	15 Nov 202100:00	–	ncsc
NVD	CVE-2021-34418	11 Nov 202123:15	–	nvd
OSV	CVE-2021-34418	11 Nov 202123:15	–	osv
Prion	Code injection	11 Nov 202123:15	–	prion

NVD

Node

zoom zoom_on-premise_meeting_connector_controllerRange<4.6.239.20200613

zoom zoom_on-premise_meeting_connector_mmrRange<4.6.239.20200613

zoom zoom_on-premise_recording_connectorRange<3.8.42.20200905

zoom zoom_on-premise_virtual_room_connectorRange<4.4.6344.20200612

zoom zoom_on-premise_virtual_room_connector_load_balancerRange<2.5.5492.20200616

[
  {
    "product": "Zoom On-Premise Meeting Connector",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "4.6.239.20200613",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom On-Premise Meeting Connector MMR",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "4.6.239.20200613",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom On-Premise Recording Connector",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "3.8.42.20200905",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom On-Premise Virtual Room Connector",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "4.4.6344.20200612",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom On-Premise Virtual Room Connector Load Balancer",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "2.5.5492.20200616",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
explore	www.explore.zoom.us/en/trust/security/security-bulletin

21 Nov 2024 06:10Current

4.7Medium risk

Vulners AI Score4.7

CVSS 25

CVSS 3.14 - 5.3

EPSS0.00184

CWE-476