Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11797
HistoryOct 05, 2018 - 12:00 a.m.

KLA11797 Security vulnerability in Zoom

2018-10-0500:00:00
Kaspersky Lab
threats.kaspersky.com
8

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

JSON

Security vulnerability was found in Zoom. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions, spoof user interface.

Original advisories

Zoom Security CVE-2018-15715

CVE-2018-15715

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Zoom-MSI

CVE list

CVE-2018-15715 critical

Solution

Update to the latest version

Download Zoom

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • Zoom earlier thanWindows: 4.1.34460.1105Mac: 4.1.34475.1105Linux: 2.5.146186.1130IOS: 4.1.18 (4460.1105)Android: 4.1.34489.1105Chrome: 3.3.1635.1130

Related

checkpoint_advisories 1
cvelist 1
nvd 1
cve 1
nessus 5
prion 1
threatpost 1
openvas 1
checkpoint_advisories
checkpoint_advisories
Zoom Desktop Application Unauthorized UDP Message (CVE-2018-15715)
2018-12-24 00:00:00
cvelist
cvelist
CVE-2018-15715
2018-11-29 00:00:00
nvd
nvd
CVE-2018-15715
2018-11-30 20:29:00
cve
cve
CVE-2018-15715
2018-11-30 20:29:00
nessus
nessus
Zoom Client for Meetings < 4.1.34460.1105 Vulnerability (ZSB-18001)
2022-12-15 00:00:00
Zoom Client for Meetings 4.x < 4.1.34801.1116 Message Spoofing Vulnerability (macOS)
2018-11-28 00:00:00
Zoom Client for Meetings 4.x < 4.1.34814.1119 Message Spoofing Vulnerability
2018-11-28 00:00:00
prion
prion
Design/Logic Flaw
2018-11-30 20:29:00
threatpost
threatpost
Critical Zoom Flaw Lets Hackers Hijack Conference Meetings
2018-11-29 19:02:54
openvas
openvas
Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)
2021-10-12 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

JSON
Related for KLA11797
checkpoint_advisories1cvelist1nvd1cve1nessus5prion1threatpost1openvas1