CVE-2022-28755

🗓️ 11 Aug 2022 14:55:46Reported by ZoomType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 536 Views

The Zoom Client for Meetings has a URL parsing vulnerability

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2022-28755	9 Aug 202200:00	–	attackerkb
Circl	CVE-2022-28755	11 Aug 202220:31	–	circl
CNNVD	Zoom Client 输入验证错误漏洞	11 Aug 202200:00	–	cnnvd
Cvelist	CVE-2022-28755 Improper URL parsing in Zoom Clients	11 Aug 202214:55	–	cvelist
EUVD	EUVD-2022-33194	3 Oct 202520:07	–	euvd
NVD	CVE-2022-28755	11 Aug 202215:15	–	nvd
OpenVAS	Zoom Client < 5.11.0 Improper Input Validation Vulnerability (ZSB-22016) - Mac OS X	16 Aug 202200:00	–	openvas
OpenVAS	Zoom Client < 5.11.0 Improper Input Validation Vulnerability (ZSB-22016) - Windows	16 Aug 202200:00	–	openvas
OpenVAS	Zoom Client < 5.11.0 Improper Input Validation Vulnerability (ZSB-22016) - Linux	16 Aug 202200:00	–	openvas
Prion	Remote code execution	11 Aug 202215:15	–	prion

NVD

Node

zoom virtual_desktop_infrastructureRange<5.10.7

zoom zoomRange<5.11.0android

zoom zoomRange<5.11.0iphone_os

zoom zoomRange<5.11.0linux

zoom zoomRange<5.11.0macos

zoom zoomRange<5.11.0windows

[
  {
    "product": "Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows)",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.11.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Zoom VDI Windows Meeting Clients",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.10.7",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
explore	www.explore.zoom.us/en/trust/security/security-bulletin/

21 Nov 2024 06:57Current

8.2High risk

Vulners AI Score8.2

CVSS 3.16.1 - 9.6

EPSS0.00537