Lucene search

[email protected]NVD:CVE-2023-39215

HistorySep 12, 2023 - 8:15 p.m.

CVE-2023-39215

2023-09-1220:15:09

CWE-287

[email protected]

web.nvd.nist.gov

cve-2023-39215

improper authentication

zoom clients

denial of service

network access

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.

Affected configurations

NVD

Node

zoommeeting_software_development_kitRange<5.15.5android

zoomvirtual_desktop_infrastructureRange<5.14.12

zoomvirtual_desktop_infrastructureRange5.15.0–5.15.4

zoomzoomRange<5.15.5android

zoomzoomRange<5.15.5iphone_os

zoomzoomRange<5.15.5linux

zoomzoomRange<5.15.5macos

zoomzoomRange<5.15.5windows

References

explore.zoom.us/en/trust/security/security-bulletin/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

Related for NVD:CVE-2023-39215

cvelist1 cve1 prion1 nessus3 openvas3