CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28761 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28761
14 Oct 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220916.131, contiene una vulnerabilidad de control de acceso inapropiado. Como resultado, un actor malicioso en una reunión o seminario web al que está au... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28759 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28759
14 Oct 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220815.130, contiene una vulnerabilidad de control de acceso inapropiado. Como resultado, un actor malicioso podría obtener la transmisión de audio y vídeo de una reunión a... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28760 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28760
14 Oct 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220815.130, contiene una vulnerabilidad de control de acceso inapropiado. Como resultado, un actor malicioso podría obtener la transmisión de audio y vídeo de una reunión a... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28758 – Zoom On-Premise Deployments: Improper Access Control
https://notcve.org/view.php?id=CVE-2022-28758
16 Sep 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.20220815.130, contiene una vulnerabilidad de control de acceso inapropiada. Como resultado, un actor malicioso podría obtener la transmisión de audio y vídeo de una reunión a... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28753 – Zoom On-Premise Deployments: Improper Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2022-28753
11 Aug 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.129.20220714, contiene una vulnerabilidad de control de acceso inapropiada. Com... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28750 – Zoom On-Premise Deployments: Stack Buffer Overflow in Meeting Connector
https://notcve.org/view.php?id=CVE-2022-28750
11 Aug 2022 — Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code. Zoom On-Premise Meeting Connector Zone Controller (ZC) versiones anteriores a 4.8.20220419.112, no analiza apropiadamente los códigos de error STUN, lo que puede resultar en u... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28754 – Zoom On-Premise Deployments: Improper Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2022-28754
11 Aug 2022 — Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 contains an improper access control vulnerability. As a result, a malicious actor can join a meeting which they are authorized to join without appearing to the other participants, can admit themselves into the meeting from the waiting room, and can become host and cause other meeting disruptions. Zoom On-Premise Meeting Connector MMR versiones anteriores a 4.8.129.20220714, contiene una vulnerabilidad de control de acceso inapropiada. Com... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28749 – Insufficient Authorization Check During Meeting Join
https://notcve.org/view.php?id=CVE-2022-28749
15 Jun 2022 — Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host. Zooms On-Premise Meeting Connector MMR versiones anteriores a 4.8.113.20220526, no comprueba correctamente los permisos de los asistentes a las reuniones de Zoom. Como resultado, un actor de la amenaza en la sala de espera de Zooms puede unirse a la reunión sin el ... • https://explore.zoom.us/en/trust/security/security-bulletin •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22783 – Process memory exposure in Zoom on-premise Meeting services
https://notcve.org/view.php?id=CVE-2022-22783
28 Apr 2022 — A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker. Una vulnerabilidad en Zoom On-Premise Meeting Connector Controller versión 4.8.102.20220310 y On-Premise Meeting Connector MMR versión 4.8.102.20220310, expone fragmentos de memoria de proceso a clientes conectados, que podrían ser observados por un atacante ... • https://explore.zoom.us/en/trust/security/security-bulletin •
CVSS: 7.5EPSS: 0%CPEs: 50EXPL: 1CVE-2021-34424 – Process memory exposure in Zoom Client and other products
https://notcve.org/view.php?id=CVE-2021-34424
24 Nov 2021 — A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Window... • https://packetstorm.news/files/id/165419 • CWE-125: Out-of-bounds Read •