Lucene search

[email protected]NVD:CVE-2023-43585

HistoryDec 13, 2023 - 11:15 p.m.

CVE-2023-43585

2023-12-1323:15:07

CWE-284

[email protected]

web.nvd.nist.gov

zoom

ios

access control

disclosure

network access

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

18.3%

JSON

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

Affected configurations

NVD

Node

zoommeeting_software_development_kitRange<5.16.0android

zoommeeting_software_development_kitRange<5.16.5iphone_os

zoomvideo_software_development_kitRange<5.16.5iphone_os

zoomzoomRange<5.16.5iphone_os

References

www.zoom.com/en/trust/security-bulletin/ZSB-23058/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

18.3%

JSON

Related for NVD:CVE-2023-43585

cvelist1 cve1 prion1