Lucene search

[email protected]CVE-2023-39204

HistoryNov 14, 2023 - 11:15 p.m.

CVE-2023-39204

2023-11-1423:15:08

CWE-120

[email protected]

web.nvd.nist.gov

cve-2023-39204

buffer overflow

zoom clients

denial of service

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

JSON

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.

Affected configurations

NVD

Node

zoommeetingsRange<5.15.10android

zoommeetingsRange<5.15.10iphone_os

zoommeetingsRange<5.15.10linux

zoommeetingsRange<5.15.10macos

zoommeetingsRange<5.15.10windows

zoomroomsRange<5.15.10android

zoomroomsRange<5.15.10ipad_os

zoomroomsRange<5.15.10macos

zoomroomsRange<5.15.10windows

zoomvideo_software_development_kitRange<5.15.10android

zoomvideo_software_development_kitRange<5.15.10iphone_os

zoomvideo_software_development_kitRange<5.15.10linux

zoomvideo_software_development_kitRange<5.15.10macos

zoomvideo_software_development_kitRange<5.15.10windows

zoomvirtual_desktop_infrastructureRange<5.14.13

zoomvirtual_desktop_infrastructureRange5.15.0–5.15.11

zoomzoomRange<5.15.10android

zoomzoomRange<5.15.10iphone_os

zoomzoomRange<5.15.10linux

zoomzoomRange<5.15.10macos

zoomzoomRange<5.15.10windows

CPENameOperatorVersion
zoom:meetingszoom meetingslt5.15.10
zoom:roomszoom roomslt5.15.10
zoom:video_software_development_kitzoom video software development kitlt5.15.10
zoom:virtual_desktop_infrastructurezoom virtual desktop infrastructurelt5.14.13
zoom:virtual_desktop_infrastructurezoom virtual desktop infrastructurelt5.15.11
zoom:zoomzoomlt5.15.10

CPE	Name	Operator	Version
zoom:meetings	zoom meetings	lt	5.15.10
zoom:rooms	zoom rooms	lt	5.15.10
zoom:video_software_development_kit	zoom video software development kit	lt	5.15.10
zoom:virtual_desktop_infrastructure	zoom virtual desktop infrastructure	lt	5.14.13
zoom:virtual_desktop_infrastructure	zoom virtual desktop infrastructure	lt	5.15.11
zoom:zoom	zoom	lt	5.15.10

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "iOS",
      "Android"
    ],
    "product": "Zoom Clients",
    "vendor": "Zoom Video Communications, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "see references"
      }
    ]
  }
]