Lucene search

K
cve[email protected]CVE-2023-39206
HistoryNov 14, 2023 - 11:15 p.m.

CVE-2023-39206

2023-11-1423:15:09
CWE-120
web.nvd.nist.gov
14
cve-2023-39206
buffer overflow
zoom clients
unauthenticated
dos
network access
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.5%

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.

Affected configurations

NVD
Node
zoommeetingsRange<5.16.0android
OR
zoommeetingsRange<5.16.0iphone_os
OR
zoommeetingsRange<5.16.0linux
OR
zoommeetingsRange<5.16.0macos
OR
zoommeetingsRange<5.16.0windows
OR
zoomroomsRange<5.16.0android
OR
zoomroomsRange<5.16.0ipad_os
OR
zoomroomsRange<5.16.0macos
OR
zoomroomsRange<5.16.0windows
OR
zoomvideo_software_development_kitRange<1.9.0android
OR
zoomvideo_software_development_kitRange<1.9.0iphone_os
OR
zoomvideo_software_development_kitRange<1.9.0linux
OR
zoomvideo_software_development_kitRange<1.9.0macos
OR
zoomvideo_software_development_kitRange<1.9.0windows
OR
zoomvirtual_desktop_infrastructureRange<5.14.13
OR
zoomvirtual_desktop_infrastructureRange5.15.05.15.11
OR
zoomzoomRange<5.16.0android
OR
zoomzoomRange<5.16.0iphone_os
OR
zoomzoomRange<5.16.0linux
OR
zoomzoomRange<5.16.0macos
OR
zoomzoomRange<5.16.0windows

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "iOS",
      "Android"
    ],
    "product": "Zoom Clients",
    "vendor": "Zoom Video Communications, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "see references"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.5%

Related for CVE-2023-39206