Lucene search

[email protected]NVD:CVE-2021-34410

HistorySep 27, 2021 - 2:15 p.m.

CVE-2021-34410

2021-09-2714:15:08

CWE-732

[email protected]

web.nvd.nist.gov

zoom plugin

microsoft outlook

mac

privilege escalation

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root.

Affected configurations

Nvd

Node

zoomzoom_plugin_for_microsoft_outlookRange<5.0.25611.0521macos

VendorProductVersionCPE
zoomzoom_plugin_for_microsoft_outlook*cpe:2.3:a:zoom:zoom_plugin_for_microsoft_outlook:*:*:*:*:*:macos:*:*

Vendor	Product	Version	CPE
zoom	zoom_plugin_for_microsoft_outlook	*	cpe:2.3:a:zoom:zoom_plugin_for_microsoft_outlook::::::macos::*

References

explore.zoom.us/en/trust/security/security-bulletin/

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2021-34410

cvelist1 prion1 cnvd1 cve1