Lucene search
HistoryDec 13, 2023 - 11:15 p.m.
CVE-2023-43585
cve-2023-43585
zoom
ios
access control
disclosure
information security
network access
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
6 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.
Affected configurations
Node
zoommeeting_software_development_kitRange<5.16.0android
ORzoommeeting_software_development_kitRange<5.16.5iphone_os
ORzoomvideo_software_development_kitRange<5.16.5iphone_os
ORzoomzoomRange<5.16.5iphone_os
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"iOS"
],
"product": "Zoom Mobile App for iOS and SDKs for iOS",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "before 5.16.0"
}
]
}
]Related
cvelist
cvelist
CVE-2023-43585
2023-12-13 22:15:58
prion
prion
Improper access control
2023-12-13 23:15:00
nvd
nvd
CVE-2023-43585
2023-12-13 23:15:07
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
6 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%
Related for CVE-2023-43585