Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
References
Link | Resource |
---|---|
https://explore.zoom.us/en/trust/security/security-bulletin/ | Vendor Advisory |
Configurations
History
19 Sep 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access. | |
CWE | CWE-79 |
21 Jun 2023, 20:54
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:* cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:* cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | (MISC) https://explore.zoom.us/en/trust/security/security-bulletin/ - Vendor Advisory | |
First Time |
Zoom rooms
Zoom zoom Microsoft Zoom virtual Desktop Infrastructure Zoom Microsoft windows |
13 Jun 2023, 18:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-13 18:15
Updated : 2024-09-19 20:15
NVD link : CVE-2023-34121
Mitre link : CVE-2023-34121
CVE.ORG link : CVE-2023-34121
JSON object : View
Products Affected
zoom
- zoom
- rooms
- virtual_desktop_infrastructure
microsoft
- windows
CWE
NVD-CWE-noinfo
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')