Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
References
Link | Resource |
---|---|
https://explore.zoom.us/en/trust/security/security-bulletin/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
15 Aug 2023, 15:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | (MISC) https://explore.zoom.us/en/trust/security/security-bulletin/ - Vendor Advisory | |
First Time |
Zoom
Zoom virtual Desktop Infrastructure Zoom zoom |
|
CPE | cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:* cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:* |
|
CWE | CWE-74 |
08 Aug 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-08 22:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-39213
Mitre link : CVE-2023-39213
CVE.ORG link : CVE-2023-39213
JSON object : View
Products Affected
zoom
- virtual_desktop_infrastructure
- zoom
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')