Lucene search

[email protected]NVD:CVE-2024-42436

HistoryAug 14, 2024 - 5:15 p.m.

CVE-2024-42436

2024-08-1417:15:16

CWE-122

CWE-787

[email protected]

web.nvd.nist.gov

buffer overflow

zoom workplace apps

denial of service

network access

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

14.1%

JSON

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

Affected configurations

Nvd

Node

zoommeeting_software_development_kitRange<6.1.0android

zoommeeting_software_development_kitRange<6.1.0iphone_os

zoommeeting_software_development_kitRange<6.1.0macos

zoommeeting_software_development_kitRange<6.1.0windows

zoomroomsRange<6.1.0ipados

zoomroomsRange<6.1.0macos

zoomroomsRange<6.1.0windows

zoomrooms_controllerRange<6.1.0android

zoomrooms_controllerRange<6.1.0linux

zoomrooms_controllerRange<6.1.0macos

zoomrooms_controllerRange<6.1.0windows

zoomworkplaceRange<6.1.0android

zoomworkplaceRange<6.1.0iphone_os

zoomworkplace_desktopRange<6.1.0linux

zoomworkplace_desktopRange<6.1.0macos

zoomworkplace_desktopRange<6.1.0windows

zoomworkplace_virtual_desktop_infrastructureRange<5.17.14windows

zoomworkplace_virtual_desktop_infrastructureRange6.0–6.0.11windows

VendorProductVersionCPE
zoommeeting_software_development_kit*cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*
zoommeeting_software_development_kit*cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:iphone_os:*:*
zoommeeting_software_development_kit*cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*
zoommeeting_software_development_kit*cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
zoomrooms*cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipados:*:*
zoomrooms*cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*
zoomrooms*cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*
zoomrooms_controller*cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:android:*:*
zoomrooms_controller*cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:linux:*:*
zoomrooms_controller*cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*

Vendor	Product	Version	CPE
zoom	meeting_software_development_kit	*	cpe:2.3:a:zoom:meeting_software_development_kit::::::android::*
zoom	meeting_software_development_kit	*	cpe:2.3:a:zoom:meeting_software_development_kit::::::iphone_os::*
zoom	meeting_software_development_kit	*	cpe:2.3:a:zoom:meeting_software_development_kit::::::macos::*
zoom	meeting_software_development_kit	*	cpe:2.3:a:zoom:meeting_software_development_kit::::::windows::*
zoom	rooms	*	cpe:2.3:a:zoom:rooms::::::ipados::*
zoom	rooms	*	cpe:2.3:a:zoom:rooms::::::macos::*
zoom	rooms	*	cpe:2.3:a:zoom:rooms::::::windows::*
zoom	rooms_controller	*	cpe:2.3:a:zoom:rooms_controller::::::android::*
zoom	rooms_controller	*	cpe:2.3:a:zoom:rooms_controller::::::linux::*
zoom	rooms_controller	*	cpe:2.3:a:zoom:rooms_controller::::::macos::*

Rows per page:

1-10 of 171

References

www.zoom.com/en/trust/security-bulletin/zsb-24031

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

14.1%

JSON

Related for NVD:CVE-2024-42436

cve1 vulnrichment1 cvelist1