Lucene search
HistoryAug 08, 2023 - 10:15 p.m.
CVE-2023-39213
improper neutralization
special elements
zoom client
privilege escalation
network access
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.002
Percentile
55.3%
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
Affected configurations
Node
zoomvirtual_desktop_infrastructureRange<5.15.2
ORzoomzoomRange<5.15.2windows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zoom | virtual_desktop_infrastructure | * | cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:* |
| zoom | zoom | * | cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:* |
Related
nessus
nessus
Zoom Client for Meetings < 5.15.2 Vulnerability (ZSB-23038)
2023-11-03 00:00:00
Zoom VDI Meeting Client < 5.15.2 Vulnerability (ZSB-23038)
2023-11-03 00:00:00
prion
prion
Design/Logic Flaw
2023-08-08 22:15:00
openvas
openvas
cve
cve
CVE-2023-39213
2023-08-08 22:15:10
cvelist
cvelist
CVE-2023-39213
2023-08-08 21:36:13
malwarebytes
malwarebytes
Insights into your unpatched vulnerabilities
2023-12-11 10:17:48
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.002
Percentile
55.3%
Related for NVD:CVE-2023-39213