Lucene search
ZoomCVELIST:CVE-2023-43582HistoryNov 14, 2023 - 11:12 p.m.
CVE-2023-43582
2023-11-1423:12:32
CWE-287
Zoom
www.cve.org
zoom clients
authorization
privilege escalation
network access
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
9.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.4%
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"iOS",
"Android"
],
"product": "Zoom Clients",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "see references"
}
]
}
]Related
prion
prion
Authorization
2023-11-15 00:15:00
nvd
nvd
CVE-2023-43582
2023-11-15 00:15:08
nessus
nessus
Zoom Client for Meetings < 5.16.0 Vulnerability (ZSB-23055)
2023-11-14 00:00:00
Zoom VDI Meeting Client < 5.16.0 Vulnerability (ZSB-23055)
2023-11-14 00:00:00
cve
cve
CVE-2023-43582
2023-11-15 00:15:08
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
9.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.4%
Related for CVELIST:CVE-2023-43582