Lucene search
HistoryAug 08, 2023 - 6:15 p.m.
CVE-2023-39218
cve-2023-39218
zoom
security
information disclosure
network access
privileged user
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
5.3 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.2%
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
Affected configurations
Node
zoomroomsRange<5.14.10android
ORzoomroomsRange<5.14.10ipad_os
ORzoomroomsRange<5.14.10macos
ORzoomroomsRange<5.14.10windows
ORzoomvirtual_desktop_infrastructureRange<5.14.10
ORzoomzoomRange<5.14.10android
ORzoomzoomRange<5.14.10iphone_os
ORzoomzoomRange<5.14.10linux
ORzoomzoomRange<5.14.10macos
ORzoomzoomRange<5.14.10windows
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Zoom Clients",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "before 5.14.10"
}
]
}
]Related
nvd
nvd
CVE-2023-39218
2023-08-08 18:15:23
nessus
nessus
Zoom Client for Meetings < 5.14.10 Vulnerability (ZSB-23034)
2023-11-03 00:00:00
prion
prion
Information disclosure
2023-08-08 18:15:00
cvelist
cvelist
CVE-2023-39218
2023-08-08 17:54:59
openvas
openvas
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
5.3 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.2%
Related for CVE-2023-39218