Lucene search

[email protected]NVD:CVE-2023-34114

HistoryJun 13, 2023 - 7:15 p.m.

CVE-2023-34114

2023-06-1319:15:09

CWE-668

[email protected]

web.nvd.nist.gov

zoom

windows

macos

information disclosure

network access

authenticated user

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

24.2%

JSON

Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access.

Affected configurations

Nvd

Node

zoomzoomRange<5.14.10macos

zoomzoomRange<5.14.10windows

References

explore.zoom.us/en/trust/security/security-bulletin/

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

24.2%

JSON

Related for NVD:CVE-2023-34114

prion1 nessus1 cvelist1 openvas2 cve1