CVE-2023-39211
08.08.2023, 22:15
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access.Enginsight
| Vendor | Product | Version |
|---|---|---|
| zoom | rooms | 𝑥 < 5.15.5 |
| zoom | zoom | 𝑥 < 5.15.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-347 - Improper Verification of Cryptographic SignatureThe software does not verify, or incorrectly verifies, the cryptographic signature for data.
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.