Lucene search

[email protected]CVE-2023-39205

HistoryNov 14, 2023 - 11:15 p.m.

CVE-2023-39205

2023-11-1423:15:08

CWE-754

[email protected]

web.nvd.nist.gov

zoom

team chat

cve-2023-39205

network access

denial of service

authentication

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.4%

JSON

Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.

Affected configurations

NVD

Node

zoommeetingsRange<5.16.0android

zoommeetingsRange<5.16.0iphone_os

zoommeetingsRange<5.16.0linux

zoommeetingsRange<5.16.0macos

zoommeetingsRange<5.16.0windows

zoomvideo_software_development_kitRange<1.9.0android

zoomvideo_software_development_kitRange<1.9.0iphone_os

zoomvideo_software_development_kitRange<1.9.0linux

zoomvideo_software_development_kitRange<1.9.0macos

zoomvideo_software_development_kitRange<1.9.0windows

zoomvirtual_desktop_infrastructureRange<5.14.13

zoomvirtual_desktop_infrastructureRange5.15.0–5.15.11

zoomzoomRange<5.16.0android

zoomzoomRange<5.16.0iphone_os

zoomzoomRange<5.16.0linux

zoomzoomRange<5.16.0macos

zoomzoomRange<5.16.0windows

CPENameOperatorVersion
zoom:meetingszoom meetingslt5.16.0
zoom:video_software_development_kitzoom video software development kitlt1.9.0
zoom:virtual_desktop_infrastructurezoom virtual desktop infrastructurelt5.14.13
zoom:virtual_desktop_infrastructurezoom virtual desktop infrastructurelt5.15.11
zoom:zoomzoomlt5.16.0

CPE	Name	Operator	Version
zoom:meetings	zoom meetings	lt	5.16.0
zoom:video_software_development_kit	zoom video software development kit	lt	1.9.0
zoom:virtual_desktop_infrastructure	zoom virtual desktop infrastructure	lt	5.14.13
zoom:virtual_desktop_infrastructure	zoom virtual desktop infrastructure	lt	5.15.11
zoom:zoom	zoom	lt	5.16.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "iOS",
      "Android"
    ],
    "product": "Zoom Clients",
    "vendor": "Zoom Video Communications, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "see references"
      }
    ]
  }
]