CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-39215
https://notcve.org/view.php?id=CVE-2023-39215
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. Una autenticación inadecuada en los clientes de Zoom puede permitir que un usuario autenticado realice una denegación de servicio a través del acceso a la red. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-287: Improper Authentication CWE-449: The UI Performs the Wrong Action •
CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0CVE-2023-39214
https://notcve.org/view.php?id=CVE-2023-39214
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere CWE-749: Exposed Dangerous Method or Function •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39210
https://notcve.org/view.php?id=CVE-2023-39210
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-39217
https://notcve.org/view.php?id=CVE-2023-39217
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-20: Improper Input Validation CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-36533
https://notcve.org/view.php?id=CVE-2023-36533
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access. El consumo incontrolado de recursos en los SDK de Zoom anteriores a 5.14.7 puede permitir que un usuario no autenticado habilite una denegación de servicio a través del acceso a la red. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •