CVE-2023-39211
EUVD-2023-4294508.08.2023, 22:15
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| zoom | rooms | 𝑥 < 5.15.5 |
| zoom | zoom | 𝑥 < 5.15.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-347 - Improper Verification of Cryptographic SignatureThe software does not verify, or incorrectly verifies, the cryptographic signature for data.
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.