Lucene search
HistoryAug 08, 2023 - 10:15 p.m.
CVE-2023-39214
cve-2023-39214
zoom
client sdk
sensitive information
denial of service
network access
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.7 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.4%
Exposure of sensitive information in Zoom Client SDK’s before 5.15.5 may allow an authenticated user to enable a denial of service via network access.
Affected configurations
Node
zoommeeting_software_development_kitRange<5.15.5linux
ORzoommeeting_software_development_kitRange<5.15.5macos
ORzoommeeting_software_development_kitRange<5.15.5windows
ORzoomroomsRange<5.15.5android
ORzoomroomsRange<5.15.5ipad_os
ORzoomroomsRange<5.15.5macos
ORzoomroomsRange<5.15.5windows
ORzoomzoomRange<5.15.5android
ORzoomzoomRange<5.15.5iphone_os
ORzoomzoomRange<5.15.5linux
ORzoomzoomRange<5.15.5macos
ORzoomzoomRange<5.15.5windows
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Zoom SDK's",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "before 5.15.5"
}
]
}
]Related
cvelist
cvelist
CVE-2023-39214
2023-08-08 21:38:25
nvd
nvd
CVE-2023-39214
2023-08-08 22:15:10
prion
prion
Design/Logic Flaw
2023-08-08 22:15:00
openvas
openvas
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.7 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.4%
Related for CVE-2023-39214