Lucene search

ZoomCVELIST:CVE-2024-42437

HistoryAug 14, 2024 - 4:41 p.m.

CVE-2024-42437 Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow

2024-08-1416:41:12

CWE-122

Zoom

www.cve.org

cve-2024

zoom

workplace apps

sdks

rooms clients

buffer overflow

denial of service

network access

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

14.1%

JSON

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux",
      "iOS",
      "Android"
    ],
    "product": "Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers",
    "vendor": "Zoom Communications Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "see references"
      }
    ]
  }
]

References

www.zoom.com/en/trust/security-bulletin/zsb-24031

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

14.1%

JSON

Related for CVELIST:CVE-2024-42437