Lucene search
ZoomCVE-2023-39201HistorySep 12, 2023 - 8:15 p.m.
CVE-2023-39201
2023-09-1220:15:08
CWE-426
Zoom
web.nvd.nist.gov
17
cve-2023-39201
untrusted search path
cleanzoom
privilege escalation
local access
CVSS3
7.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access.
Affected configurations
Node
zoomcleanzoomRange<2023-07-24
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "CleanZoom",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "before file date 07/24/2023"
}
]
}
]Related
prion
prion
Privilege escalation
2023-09-12 20:15:00
cvelist
cvelist
CVE-2023-39201
2023-09-12 19:56:36
nvd
nvd
CVE-2023-39201
2023-09-12 20:15:08
CVSS3
7.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVE-2023-39201